MongoDb Insertion of Sensitive Information into Log File Vulnerability (CVE-2026-9751)
Description
The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text.
Looking for the vulnerability index of Invicti's legacy products?