PT-2025-36330 · MongoDB · MongoDB Server
Published: 2024-10-04 · Updated: 2025-10-20
CVE-2025-10060
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
MongoDB Server versions prior to 6.0.25
MongoDB Server versions prior to 7.0.22
MongoDB Server versions prior to 8.0.12
Description
MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management.
Recommendations
Upgrade MongoDB Server to version 6.0.25 or later.
Upgrade MongoDB Server to version 7.0.22 or later.
Upgrade MongoDB Server to version 8.0.12 or later.
Affected Products
MongoDB Server
MongoDB
RED OS