CVE-2026-4358 | MongoDB Server up to 7.0.30/8.0.19/8.2.5 Aggregation lookup double free

A vulnerability was found in MongoDB Server up to 7.0.30/8.0.19/8.2.5. It has been classified as problematic. Impacted is an unknown function of the component Aggregation Handler. This manipulation of the argument lookup causes double free.

This vulnerability appears as CVE-2026-4358. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More