A vulnerability marked as problematic has been reported in MongoDB Server up to 7.0.34/8.0.9/8.2.9/8.3.2 . The affected element is an unknown function. Performing a manipulation of the argument _internalConvertBucketIndexStats results in reachable assertion. This vulnerability is identified as CVE-2026-9748 . The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.