CVE-2026-2302 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.from_hash may allow for executing arbitrary Ruby code.
Medium CVSS: 6.9

CVE-2026-2302

Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.from_hash may allow for executing arbitrary Ruby code.
Vendor
-
Product
-
CWE
CWE-183
Yayın Tarihi
2026-02-10 19:16:04
Güncelleme
2026-02-27 14:16:30
Source Identifier
cna@mongodb.com
KEV Date Added
-

Kategoriler

CWE-183 MEDIUM 2026

Referanslar

https://jira.mongodb.org/browse/MONGOID-5919