CVE Catalog

CVE-2026-9748

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.29%

21th percentile - higher than 21% of all known CVEs

Summary

The $_internalConvertBucketIndexStats stage used PauseExecution to signal 'skip this document' when an index stats conversion failed. However, PauseExecution is not a general-purpose skip mechanism, leading to mongod crashes when this stage is placed before $facet in a pipeline.

Risk Assessment

Mongod crashes can lead to application downtime and potential data loss, posing a significant risk to the organization.

Recommendation

It is recommended to review and modify pipelines to avoid placing the $_internalConvertBucketIndexStats stage before $facet, which may prevent crashes.

Original NVD description (English source)

The $_internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this document" when an index stats conversion failed. But PauseExecution is not a general purpose skip mechanism, but rather a TeeBuffer-internal signal used solely by $facet to coordinate its sub-pipelines. When this stage is placed before $facet in a pipeline, TeeBuffer receives the unexpected PauseExecution from upstream and hits a hard invariant assertion, crashing mongod.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS