CVE-2025-10060: CWE-672 Operation on a Resource after Expiration or Release in MongoDB Inc MongoDB Server

Severity: Medium
Tags: Vulnerability, CVE-2025-10060, CWE-672
Published: Fri Sep 05 2025 (09/05/2025, 20:39:14 UTC)
Source: CVE Database V5
Vendor/Project: MongoDB Inc
Product: MongoDB Server

Description

MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22 and MongoDB Server v8.0 versions prior to 8.0.12.

AI-Powered Analysis

AI analysis last updated: 09/05/2025, 21:12:36 UTC

Technical Analysis

CVE-2025-10060 is a vulnerability identified in MongoDB Server versions 6.0 prior to 6.0.25, 7.0 prior to 7.0.22, and 8.0 prior to 8.0.12. The issue arises from improper management of the WriteUnitOfWork state during upsert operations retried within a transaction. Specifically, the vulnerability allows these retried upsert operations to violate unique index constraints, which can lead to an invariant failure and cause the MongoDB server to crash during the commit phase of the transaction. This vulnerability is classified under CWE-672, which relates to operations on a resource after its expiration or release, indicating that the server attempts to perform operations on a resource that is no longer valid or has been released. The CVSS v3.1 base score is 6.5, reflecting a medium severity level. The vector indicates that the attack can be performed remotely (AV:N) with low attack complexity (AC:L), requires low privileges (PR:L) but no user interaction (UI:N), and impacts availability (A:H) without affecting confidentiality or integrity. There are no known exploits in the wild at the time of publication, and no patches are linked in the provided data, though MongoDB has released fixed versions addressing this issue. The vulnerability primarily affects the availability of the MongoDB server by causing crashes, which can disrupt database services relying on these versions. This issue is particularly relevant for environments using transactions with upsert operations, especially where retry logic is implemented, as that logic may inadvertently trigger the server crash through unique index constraint violations during commit.

Potential Impact

For European organizations, this vulnerability poses a risk primarily to the availability of critical database services that rely on the affected MongoDB Server versions. Organizations using MongoDB in transactional contexts with upsert retries could experience unexpected server crashes, leading to downtime, potential data processing delays, and disruption of dependent applications and services. This can affect sectors such as finance, healthcare, e-commerce, and public services, where MongoDB is used for real-time data handling and transactional integrity. The disruption of database availability can lead to operational inefficiencies, loss of customer trust, and potential regulatory compliance issues, especially under GDPR, where service continuity and data integrity are important. Since the vulnerability requires low privileges but no user interaction, insider threats or compromised accounts with limited privileges could exploit it to cause denial of service. The lack of known exploits in the wild reduces the immediate risk, but organizations should not delay remediation given the potential impact on service availability.

Mitigation Recommendations

European organizations should prioritize upgrading MongoDB Server to the fixed versions: 6.0.25 or later for the 6.0 series, 7.0.22 or later for the 7.0 series, and 8.0.12 or later for the 8.0 series. Until upgrades are applied, organizations should audit and review transactional code that performs upsert operations with retries to minimize triggering the unique index constraint violation. Implementing stricter access controls to limit privileges to only necessary users can reduce the risk of exploitation. Monitoring MongoDB server logs for unusual transaction failures or crashes can provide early warning signs of attempted exploitation. Additionally, organizations should ensure robust backup and recovery procedures are in place to mitigate the impact of potential server crashes. Where possible, testing transactional workloads in staging environments after applying patches can validate stability. Network-level protections such as firewall rules restricting access to MongoDB instances and employing authentication mechanisms can further reduce exposure. Finally, staying informed through MongoDB security advisories and applying patches promptly is critical.
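As an added triage aid (not MongoDB's code and not part of this advisory), the following Python script checks reported server versions against the fixed releases listed above and reports which hosts still need an upgrade. The inventory values are constructed; in practice the version string would come from pymongo's `MongoClient.server_info()["version"]` for each host.

```python
"""Flag MongoDB server versions in the ranges this advisory lists as affected by
CVE-2025-10060: 6.0 < 6.0.25, 7.0 < 7.0.22, 8.0 < 8.0.12.

Added example for patch triage; not MongoDB's own code. Version strings would
normally be read per host via MongoClient.server_info()["version"] (pymongo);
constructed strings are used here so the script runs offline.
"""
import re

# Minimum fixed patch level per affected release series, as stated in the advisory.
FIXED_PATCH = {(6, 0): 25, (7, 0): 22, (8, 0): 12}

# X.Y.Z with an optional pre-release ("-rc0") or build ("+...") suffix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([-+].*)?$")


def parse_version(version: str) -> tuple[int, int, int, bool]:
    """Return (major, minor, patch, is_prerelease) for a MongoDB version string."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised MongoDB version string: {version!r}")
    major, minor, patch, suffix = m.groups()
    # A "-rc" suffix means the build predates the final release of that patch level.
    return int(major), int(minor), int(patch), bool(suffix and suffix.startswith("-"))


def is_affected(version: str) -> bool:
    """True if the version is in an affected series and below the fixed patch level."""
    major, minor, patch, prerelease = parse_version(version)
    fixed = FIXED_PATCH.get((major, minor))
    if fixed is None:
        return False  # series not listed by the advisory (e.g. 5.0 or 8.1)
    # A pre-release of the fixed patch level (e.g. 8.0.12-rc1) is still below the fix.
    return patch < fixed or (patch == fixed and prerelease)


def triage(versions: dict[str, str]) -> dict[str, str]:
    """Map host name -> 'upgrade to X.Y.Z' or 'ok' for an inventory of servers."""
    result = {}
    for host, version in versions.items():
        if is_affected(version):
            major, minor, _, _ = parse_version(version)
            result[host] = f"upgrade to {major}.{minor}.{FIXED_PATCH[(major, minor)]}"
        else:
            result[host] = "ok"
    return result


if __name__ == "__main__":
    # Constructed sample inventory; replace with server_info()["version"] per host.
    sample = {"db-a": "7.0.21", "db-b": "8.0.12", "db-c": "6.0.24", "db-d": "5.0.30"}
    for host, verdict in triage(sample).items():
        print(f"{host}: {verdict}")
```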

Technical Details

Data Version
5.1
Assigner Short Name
mongodb
Date Reserved
2025-09-05T20:28:10.874Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68bb4ec2535f4a97730ec31c

Added to database: 9/5/2025, 8:57:38 PM

Last enriched: 9/5/2025, 9:12:36 PM

Last updated: 9/6/2025, 2:31:01 AM
