CVE-2026-25612

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.5 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H                                    

Vulnerability Description

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks.

Vulnerability Details

Published Date

February 10, 2026

Last Modified

February 10, 2026

CWE ID

CWE-412

Source

NVD

Vendor

MongoDB Inc

Product

MongoDB Server

External References

https://jira.mongodb.org/browse/SERVER-114838
https://jira.mongodb.org/browse/SERVER-115296

CVE-2026-25612

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment