Ref# ADV2025_176 | Date: Jun 30th 2025

---

MongoDB has published a security advisory highlighting vulnerabilities in the following products on June 26th, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated. 

• MongoDB Server v6.0 – versions prior to 6.0.21  

• MongoDB Server v7.0 – versions prior to 7.0.17  

• MongoDB Server v8.0 – versions prior to 8.0.5 

For more information on these updates, you can follow this URL: 

Pre-auth denial of service when accepting OIDC authentication 

The Guyana National CIRT recommends that users and administrators review these updates and apply it where necessary. 

PDF Download: MongoDB Security Advisory

References 

• MongoDB – Server Vulnerability. (June 26th, 2025). Retrieved from MongoDB. https://jira.mongodb.org/browse/SERVER-106748  

• MongoDB Security Advisory. (June 27th, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/mongodb-security-advisory-av25-380