Critical Alert 1 Active Exploit Detected Today

CVE-2026-48907 Widget Factory Joomla Content Editor Improper Access Control Vulnerability →
Powered by CVE Watchtower
×
June 17, 2026

CVE Watchtower


← Back to CVE List

CVE-2026-9750NVD

Vulnerability Summary

An authenticated user can cause a MongoDB server to crash or return incorrect results by creating documents that interfere with internal metadata processing during query execution. This stems from insufficient separation between user-controlled document fields and internal metadata in certain execution paths.
Severity Level
MEDIUM(6.5)
Published Date
Jun 9, 2026
Last Modified
Jun 10, 2026
Exploitation Status
????
EPSS Score (30-Day)
0.30%Probability
Root Weakness (CWE)
N/A
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh

External References