cbcvebase.
CVE-2026-5170
published 2026-03-30

CVE-2026-5170: A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window…

PriorityP428medium5.3CVSS 3.1
AVNACHPRLUINSUCNINAH
EPSS
0.20%
10.3th percentile
A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary of the replica set. This issue affects MongoDB Server v8.2 versions prior to 8.2.2, MongoDB Server v8.0 versions between 8.0.18, MongoDB Server v7.0 versions between 7.0.31.

Affected

6 ranges
VendorProductVersion rangeFixed in
mongodbmongodb>= 7.0.0 < 7.0.317.0.31
mongodbmongodb>= 8.0.0 < 8.0.188.0.18
mongodbmongodb>= 8.2.0 < 8.2.28.2.2
mongodbmongodb_server>= 7.0 < 7.0.317.0.31
mongodbmongodb_server>= 8.0 < 8.0.188.0.18
mongodbmongodb_server>= 8.2 < 8.2.28.2.2

CVSS provenance

nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
nvdv4.06.0MEDIUMCVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
osv6.0MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.