CVE-2026-9746 | THREATINT

Description

When using $changestreams and $_requestReshardingResumeToken with the exchange option the server hits an invariant which causes the server to crash. There are no special privileges needed. The user must be logged in to issue the statement.

PUBLISHED Reserved 2026-05-27 | Published 2026-06-09 | Updated 2026-06-10 | Assigner mongodb

HIGH: 7.1CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-617 Reachable assertion

Product status

Default status

unaffected

8.3.0 (custom) before 8.3.3

affected

8.2.0 (custom) before 8.2.10

affected

8.0.0 (custom) before 8.0.24

affected

7.0.0 (custom) before 7.0.35

affected

Credits

muhammaddaffa finder

References

jira.mongodb.org/browse/SERVER-124190

cve.org (CVE-2026-9746)

nvd.nist.gov (CVE-2026-9746)

Download JSON