At MongoDB, the security of our users’ data is our highest priority. As part of our proactive security program, we identified a vulnerability impacting the MongoDB Server and have patched deployments across the Atlas fleet; we have no evidence that this issue has been exploited at this time. For customers self-hosting MongoDB, patched builds are available for all supported versions 5.0 and later (please see release notes). The vulnerability has been reported as CVE-2026-8053 and this advisory contains details about the issue as well as fixed versions.
All Community Edition users are encouraged to upgrade to the latest version to ensure this patch is applied. You can download all patched Community builds from our download page. Thank you for your continued trust in MongoDB.