CVE-2026-1847

Summary

Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash.

Affected Software

VendorProductVersion RangeStatus
MongoDB IncMongoDB Server8.0 < 8.0.18affected
MongoDB IncMongoDB Server7.0 < 7.0.29affected

Weaknesses

  • CWE-770: CWE-770 Allocation of Resources Without Limits or Throttling

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References