Vulnerabilities

CVE-2026-4358

by Fred · 17/03/2026

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution (SBE) engine when an in-memory hash table is spilled to disk.

More information : https://jira.mongodb.org/browse/SERVER-118849

Similar

Tags: Cybersecurity Alert