From 734239346bb753c594f42fed4d4b02594bf094ca Mon Sep 17 00:00:00 2001
From: Danny Avila <danny@librechat.ai>
Date: Wed, 25 Mar 2026 13:56:43 -0400
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=20chore:=20Bump=20MongoDB=20from?=
 =?UTF-8?q?=208.0.17=20to=208.0.20=20in=20Docker=20Compose=20Files=20(#123?=
 =?UTF-8?q?99)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Addresses vulnerabilities disclosed in CERTFR-2026-AVI-0310:
- Improper object lifecycle management of MD5 hash state in core
  cryptographic operations (Blocker/P1)
- Use-after-free in ExpressionContext during pipeline cloning with
  nested $unionWith stages (Major/P3)
---
 deploy-compose.yml | 2 +-
 docker-compose.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/deploy-compose.yml b/deploy-compose.yml
index 968768b818..5d7bcebcd0 100644
--- a/deploy-compose.yml
+++ b/deploy-compose.yml
@@ -46,7 +46,7 @@ services:
     container_name: chat-mongodb
     # ports:  # Uncomment this to access mongodb from outside docker, not safe in deployment
     #   - 27018:27017
-    image: mongo:8.0.17
+    image: mongo:8.0.20
     restart: always
     volumes:
       - ./data-node:/data/db
diff --git a/docker-compose.yml b/docker-compose.yml
index 079cdb74b6..6c95c309b4 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -29,7 +29,7 @@ services:
       - ./logs:/app/logs
   mongodb:
     container_name: chat-mongodb
-    image: mongo:8.0.17
+    image: mongo:8.0.20
     restart: always
     user: "${UID}:${GID}"
     volumes: