CVE-2026-9750

MEDIUM NVD

CVSS Score 6.5

Severity MEDIUM

Published Jun 09, 2026

Vendor unknown

Description

An authenticated user can cause a MongoDB server to crash or return incorrect results by creating documents that interfere with internal metadata processing during query execution. This stems from insufficient separation between user-controlled document fields and internal metadata in certain execution paths.

References

https://jira.mongodb.org/browse/SERVER-123633