PT-2026-40529 · Mongodb · Mongodb Server+1
Published
2026-05-13
·
Updated
2026-05-19
·
CVE-2026-8200
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
MongoDB Server versions prior to 7.0.34
MongoDB Server versions prior to 8.0.23
MongoDB Server versions prior to 8.2.9
MongoDB Server versions prior to 8.3.2
Description
When schema validation is enabled on a collection, an update or insert operation that violates the collection's schema may result in local server log messages that do not fully redact user data.
Recommendations
Update to version 7.0.34 or later.
Update to version 8.0.23 or later.
Update to version 8.2.9 or later.
Update to version 8.3.2 or later.
Exploit
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mongodb Server
Mongodb