PT-2026-32484 — Mongodb Mongodb

PT-2026-32484 · Mongodb · Mongodb

Published

2026-04-09

Updated

2026-04-09

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions MongoDB versions prior to 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1

Description MongoDB incorrectly handled length parameters in zlib-compressed network messages before authentication. This allows an unauthenticated remote attacker to trigger the allocation of an oversized memory buffer, which may result in the exposure of sensitive information.

Recommendations Update to version 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3+esm1 by running sudo pro fix USN-8160-1.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

USN-8160-1

Affected Products

Mongodb