CVE-2026-6811

MEDIUM CVSS 5.9 View on NVD ↗

Description

Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the source of these BSON documents is not MongoDB Server.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

https://jira.mongodb.org/browse/PHPC-2636

Published: May 14, 2026 22:16 UTC Modified: May 15, 2026 14:11 UTC