← العودة للجدول
CVE-2026-11933
CVE-2026-11933 — A use-after-free vulnerability exists in MongoDB Server's server-side JavaS
📅 2026-06-12
🟠 High 🔥 No NVD DDoS DDoS CVSS 8.8

📋 الوصف الكامل

A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when converting BSON documents to JavaScript arrays. An authenticated user with read privileges who is able to run server-side JavaScript (for example, via $where or $function) can cause the server to access memory that has already been freed. This may result in disclosure of information from the mongod pr

💻 الأنظمة المتأثرة

MongoDB

⚠️ نوع التهديد

DDoS

🔗 CVE ID

CVE-2026-11933

📡 المصدر

NVD

✅ الحلول والتخفيف

Refer to CVE-2026-11933 NVD advisory

🔗 المصدر الأصلي ← 📘 NVD ← ⚡ CISA KEV ←