CNNVD-202602-1453 Information
CNNVD ID
CNNVD-202602-1453
Related CVE
- CNNVD Published: 2026-02-10
Description (Chinese)
MongoDB Server是美国MongoDB公司的一套开源的NoSQL数据库。该数据库提供面向集合的存储、动态查询、数据复制及自动故障转移等功能。 MongoDB Server存在安全漏洞,该漏洞源于授权用户对包含无效复合通配符索引的集合执行查询,可能导致服务器被禁用。
Description (English)
MongoDB Server is an open-source NoSQL database for MongoDB in the United States. The database provides a collection-oriented memory, dynamic queries, data replication and automatic downtime transfer. There is a security loophole in MongoDB Server, which stems from the authorization of the user to perform a query on a collection containing an invalid composite wildcard index, which may lead to the server being disabled.
Vulnerability Type
其他
Affected Vendor
MongoDB
Published
2026-02-10
Last Modified
2026-02-24
References
https://jira.mongodb.org/browse/SERVER-113685 https://access.redhat.com/security/cve/cve-2026-25613
Patch
https://jira.mongodb.org/browse/SERVER-113685
Share on: