CVE-2025-6710
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-6710
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-6710.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-6710
- Aliases
- Downstream
- Published
- 2025-06-26T14:15:35Z
- Modified
- 2025-09-17T05:21:57.534968Z
- Summary
- [none]
- Details
-
MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which could occur pre-authorisation. This issue affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB Server v8.0 versions prior to 8.0.5.
The same issue affects MongoDB Server v6.0 versions prior to 6.0.21, but an attacker can only induce denial of service after authenticating.
- References
Affected packages
Git / github.com/mongodb/mongo
Affected versions
r6.*
r6.0.0
r6.0.1
r6.0.1-rc0
r6.0.10
r6.0.10-rc0
r6.0.11
r6.0.11-rc0
r6.0.12
r6.0.12-rc0
r6.0.12-rc1
r6.0.13
r6.0.13-rc0
r6.0.14
r6.0.14-rc0
r6.0.14-rc1
r6.0.15
r6.0.15-rc0
r6.0.16
r6.0.16-rc0
r6.0.17
r6.0.17-rc0
r6.0.18
r6.0.18-rc0
r6.0.19
r6.0.2
r6.0.2-rc0
r6.0.2-rc1
r6.0.20
r6.0.20-rc0
r6.0.20-rc1
r6.0.20-rc2
r6.0.20-rc3
r6.0.3
r6.0.3-rc0
r6.0.3-rc1
r6.0.3-rc2
r6.0.4
r6.0.4-rc0
r6.0.4-rc1
r6.0.5
r6.0.5-rc0
r6.0.5-rc1
r6.0.6
r6.0.6-rc0
r6.0.6-rc1
r6.0.7
r6.0.7-rc0
r6.0.8
r6.0.8-rc0
r6.0.9
r6.0.9-rc0
r6.0.9-rc1
Database specific
{
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 11998.0,
"function_hash": "324731960150289540980834762556588772295"
},
"signature_version": "v1",
"id": "CVE-2025-6710-02da7f08",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/classic_stage_builder.cpp",
"function": "ClassicStageBuilder::build"
},
"deprecated": false
},
{
"signature_type": "Function",
"digest": {
"length": 355.0,
"function_hash": "74721346382742554427103070829589351717"
},
"signature_version": "v1",
"id": "CVE-2025-6710-04aca510",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/plan_enumerator.cpp",
"function": "PlanEnumerator::getNext"
},
"deprecated": false
},
{
"signature_type": "Function",
"digest": {
"length": 5055.0,
"function_hash": "6750677528220597691009422494444808667"
},
"signature_version": "v1",
"id": "CVE-2025-6710-0ca6dbf5",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/planner_ixselect.cpp",
"function": "QueryPlannerIXSelect::_compatible"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"10066572042982452419190648275880004759",
"198010942107892612119844421222233465981",
"238555843601584275087869651267173119853",
"218292219009861977983067820021497983774"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-10d73161",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/planner_ixselect.cpp"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"323675016611822908901520286437579331970",
"134018369373461896889428775379890327204",
"110060140195004104665048901947222996114",
"49252125840708939910580577962037129759"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-320a26f6",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/commands/getmore_cmd.cpp"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"74480530075972489207882079862334429764",
"76410312924971237751169851963874629808",
"79022626286008810693439777307702037688",
"63471234647693922887625181921846898126",
"213512571532026548196990037065560722984",
"216953702257803626192425694834763335091",
"184599858042867205163347561657227639026",
"334283130975759149651470692416758486813",
"143946319678917081822532102637446812885",
"238540202553349890141274583720274765758"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-34accfc1",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/plan_executor_factory.cpp"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"325934018512381950537697277337436246001",
"182718589902973117584251429550925210539",
"7436171749258214253947874812145720868",
"116396899814353271616125903432356141976"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-3dfd0052",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/commands/run_aggregate.cpp"
},
"deprecated": false
},
{
"signature_type": "Function",
"digest": {
"length": 3655.0,
"function_hash": "315579720131735595828496019705066544473"
},
"signature_version": "v1",
"id": "CVE-2025-6710-450be5e7",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/commands/run_aggregate.cpp",
"function": "handleCursorCommand"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"53195843026111884998938521343974374173",
"230237911581286265848288504352558145943",
"209305753029730154019924762943689408857",
"188278831708682375185310562172448117050"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-46b55b85",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/classic_stage_builder.cpp"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"117996222717711035934246435470014861681",
"134503435815170199102225179521540750073",
"186482670758146755212771325428210146174",
"175448674506301054507302686564081847271"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-5db5e3f0",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/query_stats/query_stats.cpp"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"239760245189374196199053087318019641219",
"166658240041078105533858403956415681461",
"184613860848971087935595557361706193125",
"21627686114844893390008975237787558063",
"270299295809016924007056676644411041761",
"164457883294828323493140586031241570462",
"184613860848971087935595557361706193125",
"21627686114844893390008975237787558063"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-649dcc19",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/expression_index.cpp"
},
"deprecated": false
},
{
"signature_type": "Function",
"digest": {
"length": 1499.0,
"function_hash": "330353328274016122203123709077513116764"
},
"signature_version": "v1",
"id": "CVE-2025-6710-73db0d9b",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/sbe_stage_builder_index_scan.cpp",
"function": "makeIntervalsFromIndexBounds"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"9363958036791989920855153754359125296",
"212614258808394553218503732579496811630",
"324828096798884775161546544166307853114",
"311240997386380183087492118537665622982"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-7f149475",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/plan_enumerator.cpp"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"205050424898769862710277687559331953608",
"108188596002158574450440502237856818599",
"21459500346659147619504989491625648974",
"23316749593539662910705972082917395804"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-9e183a45",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/commands/distinct.cpp"
},
"deprecated": false
},
{
"signature_type": "Function",
"digest": {
"length": 8399.0,
"function_hash": "271326683273544982550950067365164714652"
},
"signature_version": "v1",
"id": "CVE-2025-6710-a5fa4151",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/commands/find_cmd.cpp",
"function": "run"
},
"deprecated": false
},
{
"signature_type": "Function",
"digest": {
"length": 552.0,
"function_hash": "18683832206106765511076032648809337438"
},
"signature_version": "v1",
"id": "CVE-2025-6710-a791dd5f",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/plan_executor_factory.cpp",
"function": "make"
},
"deprecated": false
},
{
"signature_type": "Function",
"digest": {
"length": 418.0,
"function_hash": "127231367950262132446204453201931301605"
},
"signature_version": "v1",
"id": "CVE-2025-6710-ba6bb206",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/expression_index.cpp",
"function": "ExpressionMapping::S2CellIdsToIntervals"
},
"deprecated": false
},
{
"signature_type": "Function",
"digest": {
"length": 812.0,
"function_hash": "198790066288247663210850446148914273963"
},
"signature_version": "v1",
"id": "CVE-2025-6710-c0854628",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/expression_index.cpp",
"function": "ExpressionMapping::S2CellIdsToIntervalsWithParents"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"305366697272645678512491038926620382457",
"267277981781185756058943621693643061891",
"327333684406704850282880008980341516469",
"90672606295781307607942416164877328061"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-d8fdb3ce",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/commands/find_cmd.cpp"
},
"deprecated": false
},
{
"signature_type": "Function",
"digest": {
"length": 1998.0,
"function_hash": "7584353214389406896055162675308718886"
},
"signature_version": "v1",
"id": "CVE-2025-6710-de645406",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/commands/getmore_cmd.cpp",
"function": "generateBatch"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"207116781706962205856707717630023094228",
"135169221765852504545383737733425835422",
"51443341853513551633927610171554928141",
"245965675408929541120275929136782993672",
"250754446376793506390399135194343105764"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "CVE-2025-6710-e46308c7",
"source": "https://github.com/mongodb/mongo/commit/f4184f18fe405b75258e85a8554481128fb46410",
"target": {
"file": "src/mongo/db/query/sbe_stage_builder_index_scan.cpp"
},
"deprecated": false
}
]
}