Vulnerability Details CVE-2025-12657
The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.4%
CVSS Severity
CVSS v3 Score 5.0
Products affected by CVE-2025-12657
-
cpe:2.3:a:mongodb:mongodb:6.0.0
-
cpe:2.3:a:mongodb:mongodb:6.0.1
-
cpe:2.3:a:mongodb:mongodb:6.0.10
-
cpe:2.3:a:mongodb:mongodb:6.0.11
-
cpe:2.3:a:mongodb:mongodb:6.0.12
-
cpe:2.3:a:mongodb:mongodb:6.0.13
-
cpe:2.3:a:mongodb:mongodb:6.0.14
-
cpe:2.3:a:mongodb:mongodb:6.0.15
-
cpe:2.3:a:mongodb:mongodb:6.0.16
-
cpe:2.3:a:mongodb:mongodb:6.0.17
-
cpe:2.3:a:mongodb:mongodb:6.0.18
-
cpe:2.3:a:mongodb:mongodb:6.0.2
-
cpe:2.3:a:mongodb:mongodb:6.0.20
-
cpe:2.3:a:mongodb:mongodb:6.0.21
-
cpe:2.3:a:mongodb:mongodb:6.0.22
-
cpe:2.3:a:mongodb:mongodb:6.0.23
-
cpe:2.3:a:mongodb:mongodb:6.0.24
-
cpe:2.3:a:mongodb:mongodb:6.0.25
-
cpe:2.3:a:mongodb:mongodb:6.0.26
-
cpe:2.3:a:mongodb:mongodb:6.0.3
-
cpe:2.3:a:mongodb:mongodb:6.0.4
-
cpe:2.3:a:mongodb:mongodb:6.0.5
-
cpe:2.3:a:mongodb:mongodb:6.0.6
-
cpe:2.3:a:mongodb:mongodb:6.0.7
-
cpe:2.3:a:mongodb:mongodb:6.0.8
-
cpe:2.3:a:mongodb:mongodb:6.0.9
-
cpe:2.3:a:mongodb:mongodb:6.1.0
-
cpe:2.3:a:mongodb:mongodb:6.1.1
-
cpe:2.3:a:mongodb:mongodb:6.2.0
-
cpe:2.3:a:mongodb:mongodb:6.2.1
-
cpe:2.3:a:mongodb:mongodb:6.3.0
-
cpe:2.3:a:mongodb:mongodb:6.3.1
-
cpe:2.3:a:mongodb:mongodb:6.3.2
-
cpe:2.3:a:mongodb:mongodb:7.0.0
-
cpe:2.3:a:mongodb:mongodb:7.0.1
-
cpe:2.3:a:mongodb:mongodb:7.0.10
-
cpe:2.3:a:mongodb:mongodb:7.0.11
-
cpe:2.3:a:mongodb:mongodb:7.0.12
-
cpe:2.3:a:mongodb:mongodb:7.0.13
-
cpe:2.3:a:mongodb:mongodb:7.0.14
-
cpe:2.3:a:mongodb:mongodb:7.0.15
-
cpe:2.3:a:mongodb:mongodb:7.0.16
-
cpe:2.3:a:mongodb:mongodb:7.0.17
-
cpe:2.3:a:mongodb:mongodb:7.0.18
-
cpe:2.3:a:mongodb:mongodb:7.0.19
-
cpe:2.3:a:mongodb:mongodb:7.0.2
-
cpe:2.3:a:mongodb:mongodb:7.0.20
-
cpe:2.3:a:mongodb:mongodb:7.0.21
-
cpe:2.3:a:mongodb:mongodb:7.0.3
-
cpe:2.3:a:mongodb:mongodb:7.0.4
-
cpe:2.3:a:mongodb:mongodb:7.0.5
-
cpe:2.3:a:mongodb:mongodb:7.0.6
-
cpe:2.3:a:mongodb:mongodb:7.0.7
-
cpe:2.3:a:mongodb:mongodb:7.0.8
-
cpe:2.3:a:mongodb:mongodb:7.0.9
-
cpe:2.3:a:mongodb:mongodb:8.0.0
-
cpe:2.3:a:mongodb:mongodb:8.0.1
-
cpe:2.3:a:mongodb:mongodb:8.0.2
-
cpe:2.3:a:mongodb:mongodb:8.0.3
-
cpe:2.3:a:mongodb:mongodb:8.0.4
-
cpe:2.3:a:mongodb:mongodb:8.0.5
-
cpe:2.3:a:mongodb:mongodb:8.0.6
-
cpe:2.3:a:mongodb:mongodb:8.0.7
-
cpe:2.3:a:mongodb:mongodb:8.0.8
-
cpe:2.3:a:mongodb:mongodb:8.0.9