Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-k1h3-37k8-7qet
SummaryAn authenticated user can cause a MongoDB server to crash or return incorrect results by creating documents that interfere with internal metadata processing during query execution. This stems from insufficient separation between user-controlled document fields and internal metadata in certain execution paths.
Aliases
0
alias CVE-2026-9750
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-9750
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.18921
published_at 2026-06-11T12:55:00Z
1
value 0.0006
scoring_system epss
scoring_elements 0.19086
published_at 2026-06-12T12:55:00Z
2
value 0.0006
scoring_system epss
scoring_elements 0.19104
published_at 2026-06-13T12:55:00Z
3
value 0.0006
scoring_system epss
scoring_elements 0.19081
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-9750
1
reference_url https://jira.mongodb.org/browse/SERVER-123633
reference_id SERVER-123633
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-10T13:28:32Z/
url https://jira.mongodb.org/browse/SERVER-123633
Weaknesses
0
cwe_id 617
name Reachable Assertion
description The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
Exploits
Severity_range_score6.5 - 7.1
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-k1h3-37k8-7qet