← Back to CVEs
CVE-2025-7259
MEDIUM6.5
Description
An authorized user can issue queries with duplicate _id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0.
CVE Details
CVSS v3.1 Score6.5
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published7/7/2025
Last Modified10/3/2025
Sourcenvd
Honeypot Sightings0
Affected Products
mongodb:mongodb
Weaknesses (CWE)
CWE-843
References
https://jira.mongodb.org/browse/SERVER-102693(cna@mongodb.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.