Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
| Link | Providers |
|---|---|
| https://jira.mongodb.org/browse/SERVER-123370 |
|
Fri, 12 Jun 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Mongodb mongodb
|
|
| CPEs | cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Mongodb mongodb
|
Wed, 10 Jun 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 10 Jun 2026 03:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Mongodb
Mongodb mongodb Server |
|
| Vendors & Products |
Mongodb
Mongodb mongodb Server |
Tue, 09 Jun 2026 23:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text. | |
| Title | Sensitive data could be written to mongod.log | |
| Weaknesses | CWE-532 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: mongodb
Published:
Updated: 2026-06-10T13:27:31.811Z
Reserved: 2026-05-27T17:48:24.554Z
Link: CVE-2026-9751
Updated: 2026-06-10T13:27:22.710Z
Status : Analyzed
Published: 2026-06-09T23:17:04.643
Modified: 2026-06-12T20:43:58.123
Link: CVE-2026-9751
No data.
OpenCVE Enrichment
Updated: 2026-06-10T03:00:10Z