CVE-2026-1847
published 2026-02-10CVE-2026-1847: Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall…
PriorityP336high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.24%
15.3th percentile
Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mongodb | mongodb | >= 7.0.0 < 7.0.29 | 7.0.29 |
| mongodb | mongodb | >= 8.0.0 < 8.0.18 | 8.0.18 |
| mongodb | mongodb | >= 8.2.0 < 8.2.4 | 8.2.4 |
| mongodb_inc | mongodb_server | >= 7.0 < 7.0.29 | 7.0.29 |
| mongodb_inc | mongodb_server | >= 8.0 < 8.0.18 | 8.0.18 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv4.07.1HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
osv7.1HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7m7c-8m4q-hv3m: Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary
ghsa_unreviewed·2026-02-10
CVE-2026-1847 [HIGH] CWE-770 GHSA-7m7c-8m4q-hv3m: Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary
Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash.
OSV
CVE-2026-1847: Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary
osv·2026-02-10·CVSS 7.1
CVE-2026-1847 [HIGH] CVE-2026-1847: Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary
Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leading to server crash.
No detection rules found.
No public exploits indexed.
2026-02-10
Published