Security Advisory

CVE-2026-8431

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-12 18:37:47

Last updated 2026-05-12 20:24:26

Assigner mongodb

State PUBLISHED

Description

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior.

← Browse all CVEs View on cve.org ↗