CVE-2025-6711

MEDIUM

Mongodb < 6.0.21 - Log Information Exposure

Title source: rule

Description

An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear in server logs when certain error conditions are encountered. This issue affects MongoDB Server v8.0 versions prior to 8.0.5, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v6.0 versions prior to 6.0.21.

References (1)

[Issue Tracking, Vendor Advisory] https://jira.mongodb.org/browse/SERVER-98720

Scores

CVSS v3 4.4

EPSS 0.0009

EPSS Percentile 24.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-532

Status published

Products (1)

mongodb/mongodb 6.0.0 - 6.0.21

Published Jul 07, 2025

Tracked Since Feb 18, 2026