VYPR
Medium severity4.3NVD Advisory· Published Apr 13, 2026· Updated May 6, 2026

CVE-2026-6231

CVE-2026-6231

Description

The bson_validate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. The issue may affect applications that rely on these functions to validate untrusted BSON data before further processing. This issue affects MongoDB C Driver versions prior to 1.30.5, MongoDB C Driver version 2.0.0 and MongoDB C Driver version 2.0.1

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • MongoDB/C Driver2 versions
    cpe:2.3:a:mongodb:c_driver:*:*:*:*:*:mongodb:*:*+ 1 more
    • cpe:2.3:a:mongodb:c_driver:*:*:*:*:*:mongodb:*:*range: <1.30.5
    • (no CPE)range: <=1.30.4, =2.0.0, =2.0.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.