{"id":"CVE-2025-10059","details":"An improper setting of the lsid field on any sharded query can cause a crash in MongoDB routers. This issue occurs when a generic argument (lsid) is provided in a case when it is not applicable. This affects MongoDB Server v6.0 versions prior to 6.0.x, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v8.0 versions prior to 8.0.6.","aliases":["BIT-mongodb-2025-10059"],"modified":"2026-04-12T17:35:44.583234Z","published":"2025-09-05T21:15:34.773Z","references":[{"type":"REPORT","url":"https://jira.mongodb.org/browse/SERVER-100901"},{"type":"REPORT","url":"https://jira.mongodb.org/browse/SERVER-100909"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mongodb/mongo","events":[{"introduced":"e61bf27c2f6a83fed36e5a13c008a32d563babe2"},{"fixed":"c5423a4f25b3056ee2380ddc4e5e5fc3f5a6afc2"},{"introduced":"37d84072b5c5b9fd723db5fa133fb202ad2317f1"},{"fixed":"01446737d14e8e41feba33b2a5b7538c4b0fdc89"},{"introduced":"b41cda4fe697dce6fd9b83b3805362ccc02fbeb3"},{"fixed":"1726bc39e585c858ed984dc9dce620f43684ed10"}],"database_specific":{"versions":[{"introduced":"6.0.0"},{"fixed":"6.0.24"},{"introduced":"7.0.0"},{"fixed":"7.0.18"},{"introduced":"8.0.0"},{"fixed":"8.0.6"}]}}],"versions":["r6.0.0","r6.0.1","r6.0.1-rc0","r6.0.10","r6.0.10-rc0","r6.0.11","r6.0.11-rc0","r6.0.12","r6.0.12-rc0","r6.0.12-rc1","r6.0.13","r6.0.13-rc0","r6.0.14","r6.0.14-rc0","r6.0.14-rc1","r6.0.15","r6.0.15-rc0","r6.0.16","r6.0.16-rc0","r6.0.17","r6.0.17-rc0","r6.0.18","r6.0.18-rc0","r6.0.19","r6.0.2","r6.0.2-rc0","r6.0.2-rc1","r6.0.20","r6.0.20-rc0","r6.0.20-rc1","r6.0.20-rc2","r6.0.20-rc3","r6.0.21","r6.0.24-alpha0","r6.0.3","r6.0.3-rc0","r6.0.3-rc1","r6.0.3-rc2","r6.0.4","r6.0.4-rc0","r6.0.4-rc1","r6.0.5","r6.0.5-rc0","r6.0.5-rc1","r6.0.6","r6.0.6-rc0","r6.0.6-rc1","r6.0.7","r6.0.7-rc0","r6.0.8","r6.0.8-rc0","r6.0.9","r6.0.9-rc0","r6.0.9-rc1","r7.0.0","r7.0.1","r7.0.1-rc0","r7.0.10","r7.0.10-rc0","r7.0.11","r7.0.11-rc0","r7.0.11-rc1","r7.0.11-rc2","r7.0.12","r7.0.12-rc0","r7.0.12-rc1","r7.0.13","r7.0.13-rc0","r7.0.13-rc1","r7.0.14","r7.0.14-rc0","r7.0.15","r7.0.15-rc0","r7.0.15-rc1","r7.0.16","r7.0.16-rc0","r7.0.16-rc1","r7.0.17","r7.0.2","r7.0.2-rc0","r7.0.2-rc1","r7.0.2-rc2","r7.0.3","r7.0.3-rc0","r7.0.3-rc1","r7.0.4","r7.0.4-rc0","r7.0.5","r7.0.5-rc0","r7.0.6","r7.0.6-rc0","r7.0.7","r7.0.7-rc0","r7.0.7-rc1","r7.0.7-rc2","r7.0.8","r7.0.8-rc0","r7.0.9","r7.0.9-rc0","r7.0.9-rc1","r8.0.0","r8.0.1","r8.0.1-rc0","r8.0.2","r8.0.3","r8.0.4","r8.0.4-rc0","r8.0.5","r8.0.5-rc0","r8.0.5-rc1","r8.0.5-rc2"],"database_specific":{"vanir_signatures":[{"id":"CVE-2025-10059-30d30407","target":{"file":"src/mongo/db/repl/oplog_applier_impl.cpp"},"digest":{"line_hashes":["259138757267497787322732660740307019147","132000857137170557431027225526182190543","219296449103344026824906174079893054414","5720932185945374029998360576327319478"],"threshold":0.9},"source":"https://github.com/mongodb/mongo/commit/c5423a4f25b3056ee2380ddc4e5e5fc3f5a6afc2","deprecated":false,"signature_version":"v1","signature_type":"Line"},{"id":"CVE-2025-10059-651640f6","target":{"function":"OplogApplierImpl::_run","file":"src/mongo/db/repl/oplog_applier_impl.cpp"},"digest":{"function_hash":"254642164138027264659524708034929552096","length":2368},"source":"https://github.com/mongodb/mongo/commit/c5423a4f25b3056ee2380ddc4e5e5fc3f5a6afc2","deprecated":false,"signature_version":"v1","signature_type":"Function"},{"id":"CVE-2025-10059-b35324af","target":{"function":"CollectionRoutingInfoTargeter::_targetQuery","file":"src/mongo/s/collection_routing_info_targeter.cpp"},"digest":{"function_hash":"270348088771156963022993784675396103736","length":827},"source":"https://github.com/mongodb/mongo/commit/01446737d14e8e41feba33b2a5b7538c4b0fdc89","deprecated":false,"signature_version":"v1","signature_type":"Function"},{"id":"CVE-2025-10059-ff8803f2","target":{"file":"src/mongo/s/collection_routing_info_targeter.cpp"},"digest":{"line_hashes":["200589201934254357811463676773712275958","63605353816517337771785508199529866736","80109071181097913300146229557150592459","223503303510403772449454539366973737259","206307475781743155230171432035110126298","209462201861701036355955731340079539923","104764857285727897851241798430944180616","90235110007444317084516985049945193792"],"threshold":0.9},"source":"https://github.com/mongodb/mongo/commit/01446737d14e8e41feba33b2a5b7538c4b0fdc89","deprecated":false,"signature_version":"v1","signature_type":"Line"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-10059.json","vanir_signatures_modified":"2026-04-12T17:35:44Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}