cyberMEDIUM2026-05-07 06:16 UTC

CVE-2026-8063 - Post-auth null pointer dereference when aggregating against a view with empty search pipeline

CVE ID :CVE-2026-8063 Published : May 7, 2026, 6:16 a.m. | 39 minutes ago Description :An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it

ORIGINAL SOURCE →via CVE Feed Latest

⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

[CYBER] Sam Altman tükürdüğünü yaladı
[CYBER] My .NET Docker image was 900MB - here's how I fixed it (and what I got wrong with JWT)
[CYBER] Researchers Spot Uptick in Use of Vercel for Phishing Campaigns
[CYBER] Number of malware programs targeting Russian companies rises to 1,174 since start of year
[CYBER] CVE-2026-4430 - Heap Buffer Overflow in AgileEngine
[CYBER] CVE-2026-44406 - DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmartview

Editorial policy · Report a correction