CVE-2026-9751 | MongoDB Server up to 7.0.34/8.0.23/8.2.9/8.3.2 New Password mongod.log ldapQueryPassword log file

A vulnerability was found in MongoDB Server up to 7.0.34/8.0.23/8.2.9/8.3.2. It has been declared as problematic. This impacts an unknown function of the file mongod.log of the component New Password Handler. Such manipulation of the argument ldapQueryPassword leads to sensitive information in log files.

This vulnerability is uniquely identified as CVE-2026-9751. Local access is required to approach this attack. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More