CVE Catalog

CVE-2026-9747

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

14th percentile - higher than 14% of all known CVEs

Summary

Adding fromRouter:true and runtimeConstants.userRoles could cause MongoDB server crashes during aggregations.

Risk Assessment

MongoDB server crashes can lead to service downtime and potential data loss, impacting organizational continuity.

Recommendation

It is recommended to avoid using fromRouter:true and runtimeConstants.userRoles in aggregations to prevent server crashes.

Original NVD description (English source)

Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS