Critical MongoDB Vulnerability Allows Server Crashes by Unauthenticated Attackers

Critical MongoDB Vulnerability Allows Server Crashes by Unauthenticated Attackers

First seen 5 Mar 2026, 14:10 UTC GbhackersCybersecuritynewsCyberpress 83% similarity 63.8

Article Content

Browse articles
ThreatCluster

A high-severity vulnerability, CVE-2026-25611 (CVSS 7.5), has been identified in MongoDB, enabling unauthenticated attackers to crash exposed servers with minimal bandwidth. This flaw affects all MongoDB versions with compression enabled, including MongoDB Atlas, and over 207,000 instances are currently exposed according to Shodan data.

ThreatCluster AI

Timeline

2026-02-10
CVE-2026-25611 published
2026-03-05
Vulnerability reported in Cybersecuritynews and GBHackers

Community

Browse all →