MEDIUM SeverityCVSS 4.04.8CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

CVE-2026-8200

Last updated May 13, 2026 · Published May 13, 2026

Description

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 versions prior to 8.2.9 and v8.3 versions prior to 8.3.2.

Affected products

2 listed

MongoDB
Inc.:MongoDB Server

Mappings

CWE

CWE-532

CAPEC

None listed.

Guides

Secrets management in GitHub Actions: prevent leaks and rotate safelySecrets management in GitHub Actions starts with repository or environment secrets, scoped tokens, and OIDC…

Training

Logging and Detection EngineeringWriting logs that actually help you find attackers - structured, contextual, actionable.

CVE-2026-8200

Description

Affected products

Mappings

Related