CVE-2026-1847
Published: 10 February 2026
Summary
CVE-2026-1847 is a high-severity Allocation of Resources Without Limits or Throttling (CWE-770) vulnerability in MongoDB (vendor: MongoDB). Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE is ranked at the 23.2nd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-6 (Resource Availability).
Deeper analysis
CVE-2026-1847 is a denial-of-service vulnerability in MongoDB replica sets. Inserting certain large documents into a replica set can prevent secondaries from fetching the oplog from the primary, stalling replication and potentially causing server crashes. The issue is rated with a CVSS v3.1 base score of 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) and is associated with CWE-770 (Allocation of Resources Without Limits or Throttling).
A low-privileged authenticated user with network access can exploit this vulnerability by inserting specially crafted large documents into the replica set. This triggers the replication failure on secondaries, leading to stalled operations and high-impact availability disruptions, including server crashes, without affecting confidentiality or integrity.
For mitigation details, refer to the MongoDB JIRA ticket at https://jira.mongodb.org/browse/SERVER-113532.
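The symptom described above is secondaries that stop applying the oplog. The following check, an added example that is not MongoDB's or the advisory's own code, reads the document returned by the `replSetGetStatus` command (shaped as pymongo returns it, with `optimeDate` as `datetime` values) and flags secondaries that are unreachable or lag the primary beyond a threshold; the sample status and the 30-second threshold are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Assumed alert threshold; tune to the deployment's normal replication lag.
LAG_THRESHOLD = timedelta(seconds=30)


def replication_lag(status):
    """Return {member name: timedelta} for every non-primary member.

    Lag is the primary's optimeDate minus the member's optimeDate, i.e. how
    far behind the primary's last applied oplog entry the member is.
    """
    members = status.get("members", [])
    primaries = [m for m in members if m.get("stateStr") == "PRIMARY"]
    if len(primaries) != 1:
        raise ValueError("expected exactly one PRIMARY in replSetGetStatus output")
    primary_optime = primaries[0]["optimeDate"]
    return {m["name"]: primary_optime - m["optimeDate"]
            for m in members if m.get("stateStr") != "PRIMARY"}


def stalled_members(status, threshold=LAG_THRESHOLD):
    """Names of members that are unreachable or lag the primary beyond threshold."""
    lag = replication_lag(status)
    flagged = []
    for m in status.get("members", []):
        if m.get("stateStr") == "PRIMARY":
            continue
        # health == 0 means the primary cannot reach the member at all.
        if m.get("health", 1) == 0 or lag[m["name"]] > threshold:
            flagged.append(m["name"])
    return flagged


# Constructed sample: db2 keeps up, db3 has stopped applying oplog entries.
T0 = datetime(2026, 2, 10, 12, 0, 0, tzinfo=timezone.utc)
SAMPLE_STATUS = {
    "members": [
        {"name": "db1:27017", "stateStr": "PRIMARY", "health": 1, "optimeDate": T0},
        {"name": "db2:27017", "stateStr": "SECONDARY", "health": 1,
         "optimeDate": T0 - timedelta(seconds=2)},
        {"name": "db3:27017", "stateStr": "SECONDARY", "health": 1,
         "optimeDate": T0 - timedelta(minutes=15)},
    ],
}

if __name__ == "__main__":
    for name in stalled_members(SAMPLE_STATUS):
        print(f"ALERT: {name} is stalled or lagging beyond {LAG_THRESHOLD}")
```

In a live deployment, pass the result of `db.adminCommand({"replSetGetStatus": 1})` in place of the constructed sample and run the check on a schedule.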
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-6736
Vulnerability details
Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set, leading to a server crash.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
This CVE directly enables application-level DoS via crafted document insertion, exploiting unbounded resource allocation in MongoDB replication.
Mitigating Controls (NIST 800-53 r5)
- SC-5 (Denial-of-service Protection): directly enforces denial-of-service protections against resource-exhaustion attacks that stall oplog replication via oversized documents.
- SC-6 (Resource Availability): limits resource allocation per operation so that large document inserts cannot starve the oplog fetch mechanism on secondaries.
- Input validation: requires validation of input size and format before accepting documents, blocking the specially crafted large payloads that trigger the replication stall.