CVE-2026-6691 PUBLISHED

MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow

Assigner: mongodb
Reserved: 20.04.2026 Published: 06.05.2026 Updated: 07.05.2026

The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may be triggered by passing untrusted input in the username of a MongoDB URI with authMechanism=GSSAPI.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 8.6

Product Status

Vendor MongoDB Inc.
Product MongoDB C Driver
Versions Default: unaffected
  • affected from 2.1.0 to 2.1.2 (incl.)

References

Problem Types

  • CWE-120 Buffer Copy without Checking Size of Input CWE

Impacts

  • CAPEC-100 Overflow Buffers