CVE-2026-9735

MEDIUM(5.5)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Risk Signal Score19/100 — NIEDRIG

CVSS 5.5 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

5.5

Technische Schwere

Beschreibung

MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without redaction.

Referenzen

https://jira.mongodb.org/browse/SERVER-126506