CVE-2026-4148

Name of the Vulnerable Software and Affected Versions MongoDB Server (affected versions not specified)

Description A use-after-free issue can occur in sharded clusters when a user with read access submits a specifically designed aggregation pipeline using either the $lookup or $graphLookup operators. This issue is triggered by a flaw in the classic engine's handling of these aggregation operations. A use-after-free condition arises when memory is accessed after it has been freed, potentially leading to unpredictable behavior or crashes. The $lookup operator allows joining data from multiple collections, while the $graphLookup operator is used for recursive queries within a collection. The vulnerability is triggered when these operators are used within a specially crafted aggregation pipeline.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.