MongoDB Server may crash when inserting large documents_CVE-2026-1847

7.1 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Description

Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash.

Basic Information

ID CVE-2026-1847

Source mongodb

Published Feb 10, 2026 at 18:16

Affected Product

Vendor MongoDB Inc

Product MongoDB Server

Version 8.0

Affected Versions MongoDB Inc MongoDB Server 8.0
MongoDB Inc MongoDB Server 7.0

CWE Classification

CWE-770

References

jira.mongodb.org /browse/SERVER-113532

{
    "lastseen": "",
    "description": "Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash.",
    "published": "2026-02-10T18:16:24.739Z",
    "modified": "2026-02-10T18:16:24.739Z",
    "type": "cve",
    "title": "MongoDB Server may crash when inserting large documents",
    "source": "mongodb",
    "references": "https://jira.mongodb.org/browse/SERVER-113532",
    "id": "CVE-2026-1847",
    "bulletinFamily": "",
    "cwe": [
        "CWE-770"
    ],
    "cvelist": null,
    "sourceData": "MongoDB Inc MongoDB Server 8.0\nMongoDB Inc MongoDB Server 7.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MongoDB Server",
    "version": "8.0",
    "vendor": "MongoDB Inc",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}