CVE-2026-9752
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk14th percentile - higher than 14% of all known CVEs
Summary
An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS.
Risk Assessment
Server crashes can lead to application downtime and loss of service availability for users.
Recommendation
It is recommended to review and update geometry validation mechanisms to block unsafe polygons from being processed.
Original NVD description (English source)
An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not inspect members of a GeometryCollection, allowing the unsafe path to be reached which ends with an ensuing null-pointer dereference.

