CVE-2025-6714

Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections

Description

MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Server v8.0 prior to 8.0.9 Required Configuration: This affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports.

INFO

Published Date :

2025-07-07T14:48:48.312Z

Last Modified :

2025-07-07T19:11:47.975Z

Source :

mongodb

AFFECTED PRODUCTS

The following products are affected by CVE-2025-6714 vulnerability.

Vendors	Products
Mongodb	Mongodb

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-6714.

URL	Resource
https://jira.mongodb.org/browse/SERVER-106753

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact