CVE-2025-13643 – MongoDB Server may allow queries to be terminated by unauthorized users

CVE ID : CVE-2025-13643

Published : Nov. 25, 2025, 6:15 a.m. | 1 hour, 7 minutes ago

Description : A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions prior to 7.0.26 and MongoDB Server v8.0 versions prior to 8.0.14

Severity: 3.1 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…