Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
MongoDb Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2025-12657) - Vulnerability Database

MongoDb Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2025-12657)

Description

The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations.

References

CVE-2025-12657

Related Vulnerabilities

WebLogic CVE-2022-21258 Vulnerability (CVE-2022-21258) Medium
Common tags: Missing Update Known Vulnerabilities
SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-1101) Medium
Common tags: Missing Update Known Vulnerabilities
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-19215) High
Common tags: Missing Update Known Vulnerabilities
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-19216) High
Common tags: Missing Update Known Vulnerabilities
Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-19217) High
Common tags: Missing Update Known Vulnerabilities

Severity

Medium

Classification

CVE-2025-12657
CWE-754
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H

Tags

Missing Update
Known Vulnerabilities