Description

Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8.2 versions prior to 8.2.1.

Remediation

References

CVE-2025-13507

Related Vulnerabilities

WordPress Plugin Quotes and Tips by BestWebSoft Cross-Site Scripting (1.32)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37302)

OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2005-2946)

WordPress Plugin CoolClock-a Javascript Analog Clock Cross-Site Scripting (4.3.4)

WordPress Plugin WPeMatico RSS Feed Fetcher Cross-Site Scripting (2.3.7)

Severity

Medium

Classification

CVE-2025-13507 CWE-1284 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities