vulnerability

FreeBSD: VID-32f5e57f-107f-11f0-8195-b42e991fc52e (CVE-2025-3083): MongoDB -- Malformed wire protocol messages may cause mongos to crash

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	Apr 3, 2025	Apr 5, 2025	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Apr 3, 2025

Added

Apr 5, 2025

Modified

Dec 10, 2025

Description

[email protected] reports: Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31, MongoDB v6.0 versions prior to6.0.20 and MongoDB v7.0 versions prior to 7.0.16

Solutions

freebsd-upgrade-package-mongodb50freebsd-upgrade-package-mongodb60freebsd-upgrade-package-mongodb70

References

CVE-2025-3083
https://attackerkb.com/topics/CVE-2025-3083
CWE-248

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today