CVE-2025-6710 – MongoDB Server JSON Parsing Stack Overflow Vulnerability

June 26, 2025

CVE ID : CVE-2025-6710

Published : June 26, 2025, 2:15 p.m. | 49 minutes ago

Description : MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which could occur pre-authorisation. This issue affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB Server v8.0 versions prior to 8.0.5.

The same issue affects MongoDB Server v6.0 versions prior to 6.0.21, but an attacker can only induce denial of service after authenticating.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleUbuntu 25.10 Snapshot 2 is Now Available to Download

Next Article CVE-2025-6707 – MongoDB Privilege Escalation Vulnerability

Highlights

CVE-2023-53124 – MPT3SAS NULL Pointer Access Vulnerability

May 2, 2025

CVE ID : CVE-2023-53124

Published : May 2, 2025, 4:15 p.m. | 34 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()

Port is allocated by sas_port_alloc_num() and rphy is allocated by either
sas_end_device_alloc() or sas_expander_alloc(), all of which may return
NULL. So we need to check the rphy to avoid possible NULL pointer access.

If sas_rphy_add() returned with failure, rphy is set to NULL. We would
access the rphy in the following lines which would also result NULL pointer
access.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency

May 27, 2025

Elden Ring Nightreign Tricephalos boss: How to beat Gladius, Beast of Night

May 30, 2025

Elevate marketing intelligence with Amazon Bedrock and LLMs for content creation, sentiment analysis, and campaign performance evaluation

May 9, 2025

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-6710 – MongoDB Server JSON Parsing Stack Overflow Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Prime members can save $10 on any $20 or more Grubhub+ order for a limited time – here’s how

CVE-2025-33099 – IBM Concert Software SSL/TLS Certificate Validation Vulnerability

Take a private theater with you everywhere with the best price ever on our favorite AR glasses

Move over ChatGPT: This tiny voice recorder is my new favorite AI assistant. Here’s why

CVE-2023-53124 – MPT3SAS NULL Pointer Access Vulnerability

New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency

Elden Ring Nightreign Tricephalos boss: How to beat Gladius, Beast of Night

Elevate marketing intelligence with Amazon Bedrock and LLMs for content creation, sentiment analysis, and campaign performance evaluation

CVE-2025-6710 – MongoDB Server JSON Parsing Stack Overflow Vulnerability

Related Posts