CVE-2026-1848
EPSS 0.08%Connections received from the proxy port may not count towards total accepted connections
Published: 2/26/2026Modified: 2/26/2026
Description
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header.
Affected packages (1)
- Bitnami/mongodb>= 7.0.0, < 7.0.29, >= 8.0.0, < 8.0.18, >= 8.2.0, < 8.2.4
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |