MongoDB Multiple Vulnerabilities

Release Date: 14 May 2026

RISK: Medium Risk

TYPE: Servers - Database Servers

Multiple vulnerabilities were identified in MongoDB. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure and denial of service condition on the targeted system.

---

Impact

• Denial of Service
• Information Disclosure
• Remote Code Execution

---

System / Technologies affected

• MongoDB Server 5.0.0 versions prior to 5.0.33
• MongoDB Server 6.0.0 versions prior to 6.0.28
• MongoDB Server 7.0.0 versions prior to 7.0.34
• MongoDB Server 8.0.0 versions prior to 8.0.23
• MongoDB Server 8.2.0 versions prior to 8.2.9
• MongoDB Server 8.3.0 versions prior to 8.3.2

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• https://www.mongodb.com/resources/products/alerts#security

---

Vulnerability Identifier

• CVE-2026-8053
• CVE-2026-8199
• CVE-2026-8200
• CVE-2026-8201
• CVE-2026-8202
• CVE-2026-8336

---

Source

• MongoDB

---

Related Link

• https://www.mongodb.com/resources/products/alerts#security