CVE-2025-10059 | MongoDB Server up to 6.0.23/7.0.17/8.0.5 Setting lsid permission assignment

A vulnerability has been found in MongoDB Server up to 6.0.23/7.0.17/8.0.5 and classified as problematic. This impacts an unknown function of the component Setting Handler. This manipulation of the argument lsid causes incorrect permission assignment.

The identification of this vulnerability is CVE-2025-10059. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More