FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mongodb -- MongoDB may be susceptible to Invariant Failure in Transactions due Upsert Operation

Affected packages
mongodb60 < 6.0.25
mongodb70 < 7.0.22
mongodb80 < 8.0.12

Details

VuXML ID 6d16b410-a2ca-11f0-8402-b42e991fc52e
Discovery 2025-09-05
Entry 2025-10-06

cna@mongodb.com reports:

MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management.

[source]

References

CVE Name CVE-2025-10060
URL https://nvd.nist.gov/vuln/detail/CVE-2025-10060

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.