CVE-2026-6915

MEDIUM CVSS 6.3 View on NVD ↗

Description

An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

References

https://jira.mongodb.org/browse/SERVER-119679

Published: Apr 29, 2026 17:16 UTC Modified: Apr 30, 2026 15:13 UTC