CVE-2025-12119
- Source
- https://cve.org/CVERecord?id=CVE-2025-12119
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-12119.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-12119
- Aliases
- Downstream
- Published
- 2025-11-18T20:21:08.252Z
- Modified
- 2026-05-28T04:10:22.289726547Z
- Severity
-
- 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- Bulk write with options may read invalid memory
- Details
-
A mongocbulkoperation_t may read invalid memory if large options are passed.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/12xxx/CVE-2025-12119.json", "cwe_ids": [ "CWE-825" ], "cna_assigner": "mongodb" }- References
-
- https://github.com/mongodb/mongo-c-driver/releases/tag/1.30.6
- https://github.com/mongodb/mongo-c-driver/releases/tag/2.1.2
- https://github.com/mongodb/mongo-php-driver/releases/tag/1.21.2
- https://lists.debian.org/debian-lts-announce/2026/01/msg00009.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/12xxx/CVE-2025-12119.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-12119
- https://github.com/mongodb/mongo-c-driver
- https://github.com/mongodb/mongo-php-driver
Affected packages
Git / github.com/mongodb/mongo-c-driver
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mongodb/mongo-c-driver
- Events
- Database specific
{ "source": [ "CPE_RANGE", "REFERENCES" ], "cpe": "cpe:2.3:a:mongodb:c_driver:*:*:*:*:*:mongodb:*:*", "extracted_events": [ { "introduced": "1.9.0" }, { "fixed": "1.30.6" }, { "introduced": "2.0.0" }, { "fixed": "2.1.2" } ] }
Git / github.com/mongodb/mongo-php-driver
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mongodb/mongo-php-driver
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Database specific
{ "extracted_events": [ { "introduced": "0" }, { "fixed": "1.21.2" } ], "cpe": "cpe:2.3:a:mongodb:php_driver:*:*:*:*:*:mongodb:*:*", "source": [ "CPE_RANGE", "REFERENCES" ] }
Affected versions
0.*
0.1.0
0.1.1
0.1.2
0.1.3
0.1.4
0.1.5
0.2.0
0.3.0
0.3.1
0.4.0
0.4.1
0.5.0
0.5.1
0.6.0
0.6.1
0.6.2
0.6.3
1.*
1.0.0
1.0.0RC0
1.0.0alpha1
1.0.0alpha2
1.0.0beta1
1.0.0beta2
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.10.0alpha1
1.11.0
1.11.0alpha1
1.12.0
1.13.0
1.14.0
1.14.0beta1
1.15.0
1.17.0
1.18.0
1.2.0
1.2.0alpha1
1.2.0alpha2
1.2.0alpha3
1.2.1
1.2.2
1.2.3
1.21.0
1.21.1
1.3.0
1.3.0RC1
1.3.0beta1
1.3.0beta2
1.3.1
1.4.0RC1
1.4.0beta1
1.5.0
1.6.0RC1
1.6.0alpha1
1.6.0alpha2
1.6.0alpha3