Home > Vulnerability Database > CVE-2025-13643

Mend.io Vulnerability Database

CVE-2025-13643

Good to know:

Date: November 25, 2025

A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions prior to 7.0.26 and MongoDB Server v8.0 versions prior to 8.0.14

Severity Score

3.1

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-13643

Url: https://jira.mongodb.org/browse/SERVER-103582

Url: https://www.mend.io/vulnerability-database/CVE-2025-13643

Severity Score

3.1

Weakness Type (CWE)

Missing Authorization

CWE-862

Top Fix

Upgrade Version

Upgrade to version https://github.com/mongodb/mongo.git - r7.0.26;https://github.com/mongodb/mongo.git - r8.0.14

Learn More

CVSS v3.1

Base Score:	3.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2025-13643

Good to know:

Date: November 25, 2025

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?