Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-13643

A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions prior to 7.0.26 and MongoDB Server v8.0 versions prior to 8.0.14

Published

2025-11-25T06:15:45.580

Last Modified

2025-12-11T23:20:36.673

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.1 (LOW)

Weaknesses

Type: Secondary
CWE-862

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mongodb	mongodb	< 7.0.26	Yes
Application	mongodb	mongodb	< 8.0.14	Yes
Application	mongodb	mongodb	8.2.0	Yes
Application	mongodb	mongodb	8.2.0	Yes
Application	mongodb	mongodb	8.2.0	Yes
Application	mongodb	mongodb	8.2.0	Yes

References

https://jira.mongodb.org/browse/SERVER-103582 Vendor Advisory ([email protected])