**Serial number:** AV25-380 **Date:**June 27, 2025On June 26, 2025, MongoDB published a security advisory to address a vulnerability [](#defn-vulnerability)VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization’s assets or operations. in the following products:* MongoDB Server v6.0 — versions prior to 6.0.21* MongoDB Server v7.0 — versions prior to 7.0.17* MongoDB Server v8.0 — versions prior to 8.0.5The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.* [Pre-auth denial of service when accepting OIDC authentication](https://jira.mongodb.org/browse/SERVER-106748)
Related Tags:
NAICS: 541 – Professional
Scientific
Technical Services
NAICS: 518 – Computing Infrastructure Providers
Data Processing
Web Hosting
Related Services
NAICS: 92 – Public Administration
NAICS: 51 – Information
Blog: Government of Canada Alerts and Advisories
Server Software Component: Web Shell
Server Software Component
Exploitation for Privilege Escalation
Associated Indicators: