Home > Vulnerability Database > CVE-2025-13507

Mend.io Vulnerability Database

CVE-2025-13507

Good to know:

Date: November 24, 2025

Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8.2 versions prior to 8.2.1.

Severity Score

6.5

Related Resources (3)

Url: https://jira.mongodb.org/browse/SERVER-108565

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-13507

Url: https://www.mend.io/vulnerability-database/CVE-2025-13507

Severity Score

6.5

Weakness Type (CWE)

Improper Validation of Specified Quantity in Input

CWE-1284

Top Fix

Upgrade Version

Upgrade to version https://github.com/mongodb/mongo.git - r7.0.26;https://github.com/mongodb/mongo.git - r8.0.16;https://github.com/mongodb/mongo.git - r8.2.1

Learn More

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-13507

Good to know:

Date: November 24, 2025

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?