Description
MongoDB Server may experience an invariant failure during batched delete operations when handling documents. The issue arises when the server mistakenly assumes the presence of multiple documents in a batch based solely on document size exceeding BSONObjMaxSize. This issue affects MongoDB Server v7.0 versions prior to 7.0.26, MongoDB Server v8.0 versions prior to 8.0.13, and MongoDB Server v8.1 versions prior to 8.1.2
INFO
Published Date :
2025-11-25T05:23:12.317Z
Last Modified :
2025-11-25T16:39:15.285Z
Source :
mongodb
AFFECTED PRODUCTS
The following products are affected by CVE-2025-13644 vulnerability.
| Vendors | Products |
|---|---|
| Mongodb |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2025-13644.
| URL | Resource |
|---|---|
| https://jira.mongodb.org/browse/SERVER-101180 |
|
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact