CyberRota
← Ana sayfaya dön

CVE-2026-11933

HIGH · CVSS 8.8 EPSS %0.38

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-12T02:16:38.527 · Çekilme zamanı: 2026-06-30T18:19:56.502824+00:00

CyberRota Yorumu

MongoDB kullanan sistemleri etkileyebilir. Bellek tüketimine neden olabilir. Saldırganın giriş yapmış olması gerekebilir.

CVE
CVE-2026-11933
Severity
HIGH
CVSS
8.8
EPSS
%0.38
MongoDB Java

Orijinal NVD Açıklaması

A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when converting BSON documents to JavaScript arrays. An authenticated user with read privileges who is able to run server-side JavaScript (for example, via $where or $function) can cause the server to access memory that has already been freed. This may result in disclosure of information from the mongod process memory or a denial of service through a server crash.