CVE-2025-6709 - MongoDB OIDC Date Denial of Service

CVE ID : CVE-2025-6709

Published : June 26, 2025, 2:15 p.m. | 49 minutes ago

Description : The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling of specific date values in JSON input when using OIDC authentication. This can be reproduced using the mongo shell to send a malicious JSON payload leading to an invariant failure and server crash. This issue affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB Server v8.0 versions prior to 8.0.5.

The same issue affects MongoDB Server v6.0 versions prior to 6.0.21, but an attacker can only induce denial of service after authenticating.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

I compared the best headphones from Apple, Sony, Bose, and Sonos: Here’s how the AirPods Max wins

I changed these 6 settings on my iPad to significantly improve its battery life

DistroWatch Weekly, Issue 1134

3 portable power stations I travel everywhere with (and how they differ)

Next.js PWA offline capability with Service Worker, no extra package

Next.js PWA offline capability with Service Worker, no extra package

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Best Architecture AI Rendering Platform: 6 Tools Tested

Microsoft won’t kill off Chromium Edge and PWAs on Windows 10 until October 2028

CVE-2025-6709 – MongoDB OIDC Date Denial of Service

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

With Call of Duty’s obsession with cringe-inducing pop culture skins, ‘Battlefield 6’ has a very real opportunity to offer the alternative — will EA deliver?

Digital Invasion: 3 things we learned from CES 2015

Microsoft Patch Tuesday May 2025: 5 Zero Days, 8 High-Risk Vulnerabilities

Smashing Animations Part 1: How Classic Cartoons Inspire Modern CSS

Even YouTube’s anti-adblock campaign doesn’t stand a chance against this self-made AR app — blocking real-world billboards with Google Gemini AI

CVE-2025-8480 – Alpine iLX-507 Tidal Music Streaming Command Injection Remote Code Execution

The next chapter of our Gemini era

You’ve got to try these 5 premium Minecraft add-ons — Dinosaurs, security systems, and more really shake up Bedrock Edition

CVE-2025-6709 – MongoDB OIDC Date Denial of Service

Related Posts