Can you help me modeling the nist cve db to avoid query targeting alerts?

Hi, I’m replicating the nist cve db into mongodb in order to query it. Basically at some point we have a list of CPEs and we need to get all the CVEs associated with it. Problem is that nist db is quite complicated because some CVEs are actually relevant only if some conditions happens (eg cpe1 and cpe2 or cpe1 and cpe3).
So we tried to save data in mongo in order to be able to query it in the best possible way but we get many alerts because indexes are not effective. Or better to say I think that indexes are impossibile to apply in the way we modelled data.

We have a cves collection where every object represent a CVE. Every object is like this:

{
  "_id": {
    "$oid": "642ac65bb244c4f794df9a19"
  },
  "code": "CVE-1999-0018",
  "status": "Analyzed",
  "references": [
    {
      "url": "http://www.securityfocus.com/bid/127",
      "_id": {
        "$oid": "647f0197f2fabb90663c62c8"
      }
    }
  ],
  "description": "Buffer overflow in statd allows root privileges.",
  "cvss": {
    "version": "2.0",
    "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
    "score": 10,
    "severity": "HIGH"
  },
  "publishedDate": {
    "$date": "2023-06-06T09:51:19.179Z"
  },
  "lastModifiedDate": {
    "$date": "2023-06-06T09:51:19.179Z"
  },
  "configurations": [
    [
      {
        "uris": [
          {
            "cpe23Uri": "cpe:2.3:o:sgi:irix:5.0:*:*:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:sgi:irix:5.1:*:*:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*"
          }
        ]
      },
      {
        "uris": [
          {
            "cpe23Uri": "cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:sgi:irix:5.0.1:*:*:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:sgi:irix:5.1.1:*:*:*:*:*:*:*"
          }
        ]
      }
    ],
    [
      {
        "uris": [
          {
            "cpe23Uri": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*"
          },
          {
            "cpe23Uri": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*"
          }
        ]
      }
    ]
  ]
}

configurations is the key field that create the problem: it’s an array where every object represents a standalone configuration (a situation that creates the cve), but these objects are arrays themselves because every configuration can be a list of stuff with AND operator. The objects inside this least array are a list of cpe uris that represents an OR list.
So for example in the above case, the CVE-1999-0018 is actually present in 2 cases:
1- if our CPE is inside the first list AND the second list of the first configurations object.
2- if our CPE is inside the longer list of the second configurations object.

Now we basically make a query doing this match to get all the interested cve, then we elaborate the various conditions on the server:

configurations: { 
   $elemMatch: { 
      $elemMatch: {  
          'uris.cpe23Uri': cpe_name 
      }
    }
 }

but we can’t find a way to index it because we tried both configurations or configurations.uris or even configurations.uris.cpe23Uri but it’s never be used. I think because of the double $elemMatch

So there is a way to create corret index or do you can imagine some better way to store the data keeping in mind that the nuber of array objects is not deterministic?

thanks