CVE-2025-6713 | MongoDB Server up to 6.0.21/7.0.19/8.0.6 mergeCursors improper authorization

Inserito da Angelo Barbosa | Lug 7, 2025 | CVE

A vulnerability, which was classified as critical, was found in MongoDB Server up to 6.0.21/7.0.19/8.0.6. Affected is an unknown function. The manipulation of the argument mergeCursors leads to improper authorization.

This vulnerability is traded as CVE-2025-6713. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-6713 | MongoDB Server up to 6.0.21/7.0.19/8.0.6 mergeCursors improper authorization

Post correlati

CVE-2024-23979 | F5 BIG-IP up to 15.1.8/16.1.3/17.1.0 Certificate allocation of resources (K000134516)

CVE-2024-28725 | YzmCMS 7.0 cross site scripting

CVE-2024-45505 | Apache HertzBeat up to 1.6.0 command injection

CVE-2022-48726 | Linux Kernel up to 5.10.98/5.15.21/5.16.7 ucma xa_for_each use after free