CVE-2026-5170MEDIUMCVSS 6.0≥ 8.2, < 8.2.2·≥ 8.0, < 8.0.18+1 more2026-03-30
CVE-2026-5170 [MEDIUM] CWE-617 CVE-2026-5170: A user with access to the cluster with a limited set of privilege actions can trigger a crash of a m
A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary of the replica set.
This issue affects MongoDB Server v8
cvelistv5nvd