PT-2026-41684 · Mongodb · Mongodb Server
Published
2026-05-18
·
Updated
2026-05-18
·
CVE-2026-8843
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
MongoDB Server versions prior to 7.0.32
MongoDB Server versions prior to 8.0.21
MongoDB Server versions prior to 8.2.6
Description
Creating a "2dsphere bucket" index or a "queryable encrypted range" index on a non-timeseries bucket collection can lead to a server crash. The crash occurs during subsequent attempts to insert a document that triggers an update to these specific indices.
Recommendations
Update to version 7.0.32 or later.
Update to version 8.0.21 or later.
Update to version 8.2.6 or later.
Fix
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mongodb Server