C driver

This hub aggregates every CVE we track for C driver, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 11 most recently published vulnerabilities affecting C driver.

• CVE-2026-9100Heap memory out of bounds read and crash in C Driver legacy GridFS file reader5.9May 20, 2026
• CVE-2026-6691MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow7.8May 6, 2026
• CVE-2026-6231bson_validate may skip validation when processing certain inputs4.3Apr 13, 2026
• CVE-2026-4359Heap-buffer-over-read in _mongoc_http_send via strstr on non-null-terminated buffer2.0Mar 17, 2026
• CVE-2025-12119Bulk write with options may read invalid memory6.8Nov 18, 2025
• CVE-2024-7553Accessing Untrusted Directory May Allow Local Privilege Escalation7.3Aug 7, 2024
• CVE-2023-0437MongoDB client C Driver may infinitely loop when validating certain BSON input data5.3Jan 12, 2024
• CVE-2021-32050Some MongoDB Drivers may publish events containing authentication-related data to a command listener configured by an application4.2Aug 29, 2023
• CVE-2022-48282Deserializing compromised object with MongoDB .NET/C# Driver may cause remote code execution6.6Feb 21, 2023
• CVE-2021-20331MongoDB C# Driver may publish events containing authentication-related data to a command listener configured by an application4.2May 13, 2021
• CVE-2020-12135bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflo...5.5Apr 24, 2020