CVE-2026-6691: CWE-120 Buffer Copy without Checking Size of Input in MongoDB Inc. MongoDB C Driver
The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may be triggered by passing untrusted input in the username of a MongoDB URI with authMechanism=GSSAPI.
AI Analysis
Technical Summary
The MongoDB C Driver 2.1.0 contains a heap buffer overflow vulnerability (CWE-120) in its Cyrus SASL integration component. The issue arises from unsafe string copying during the canonicalization of usernames when the authMechanism is set to GSSAPI in the MongoDB URI. This vulnerability exists prior to any authentication or network communication, potentially allowing an attacker to cause memory corruption by supplying crafted input in the username field. The vulnerability has a CVSS 4.0 score of 8.6, indicating high severity. No patch or official remediation level has been published by MongoDB Inc. as of the vulnerability disclosure date.
Potential Impact
Successful exploitation of this heap buffer overflow could cause application crashes or potentially arbitrary code execution in the context of the process that links the MongoDB C Driver. Because the flaw is reached before any authentication or network traffic, it can be triggered simply by supplying malicious input in the username parameter of a MongoDB URI that uses GSSAPI authentication. No exploits in the wild are currently known.
Mitigation Recommendations
Patch status is not yet confirmed; check the vendor advisory for current remediation guidance. Until an official fix is released, do not place untrusted input in the username field of MongoDB URIs that use authMechanism=GSSAPI on affected versions (2.1.0 per the technical summary above). Monitor MongoDB Inc. advisories for updates and apply patches promptly once available.
Technical Details
- Data Version: 5.2
- Assigner Short Name: mongodb
- Date Reserved: 2026-04-20T16:17:41.724Z
- CVSS Version: 4.0
- State: PUBLISHED
- Remediation Level: null
Threat ID: 69fb5c96cbff5d861000f724
Added to database: 5/6/2026, 3:21:58 PM
Last enriched: 5/6/2026, 3:36:23 PM
Last updated: 5/7/2026, 8:17:44 AM