Vulnerability Details CVE-2026-9751
The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.9%
CVSS Severity
CVSS v3 Score 5.5