CVE-2026-8843

MEDIUM NVD

CVSS Score 6.5

Severity MEDIUM

Published May 18, 2026

Vendor unknown

Description

Creating a "2dsphere_bucket" index on a non-timeseries bucket collection will succeed, but any subsequent attempt to insert a document which triggers updating that index will crash the server. A similar issue occurs when creating "queryable_encrypted_range" indices. This issue affects MongoDB Server v7.0 versions prior to 7.0.32, v8.0 versions prior to 8.0.21 and v8.2 versions prior to 8.2.6

References

https://jira.mongodb.org/browse/SERVER-116327