Vulnerability Database

317,182

Total vulnerabilities in the database

CVE-2025-3082

A user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version prior to 7.0.14 and MongoDB Server v7.3 versions prior to 7.3.4.

Published: Apr 1, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-3082
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.1
AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
mongodb / mongodb	5.0.0	5.0.31
mongodb / mongodb	6.0.0	6.0.20
mongodb / mongodb	7.0.0	7.0.14
mongodb / mongodb	7.3.0	7.3.4

https://jira.mongodb.org/browse/SERVER-103151

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo