Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

MongoDb Improper Check or Handling of Exceptional Conditions Vulnerability (CVE-2025-3084)

Description

When run on commands with certain arguments set, explain may fail to validate these arguments before using them. This can lead to crashes in router servers. This affects MongoDB Server v5.0 prior to 5.0.31, MongoDB Server v6.0 prior to 6.0.20, MongoDB Server v7.0 prior to 7.0.16 and MongoDB Server v8.0 prior to 8.0.4

Remediation

References

Related Vulnerabilities

MySQL CVE-2019-2950 Vulnerability (CVE-2019-2950)

WordPress Plugin WooCommerce Weight Based Shipping Cross-Site Request Forgery (5.4.1)

Next.js Deserialization of Untrusted Data Vulnerability (CVE-2025-55184)

WordPress Plugin WooCommerce HTML Injection (6.5.1)

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-0499)

Severity

Medium

Classification

CVE-2025-3084 CWE-703 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities