A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ vulnerable servers worldwide.

CISA ordered U.S. federal agencies to patch an actively exploited MongoDB vulnerability (MongoBleed) that can be exploited to ...

A recently disclosed vulnerability affecting MongoDB instances has been reportedly exploited in the wild. Exploit code has been released for this flaw dubbed MongoBleed.Key takeaways:MongoBleed is a ...

Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server ...

High-severity CVE-2025-14847 allows unauthenticated attackers to read uninitialized heap memory in MongoDB due to a zlib ...

MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that may be exploited by ...

Research by The Shadowserver Foundation shows that 74,854 MongoDB servers are still vulnerable to the “MongoBleed” ...

Those responsible for a MongoDB instance cannot rest easy: an exploit for a critical vulnerability makes upgrades even more ...

A critical MongoDB vulnerability allows unauthenticated access to databases, raising urgent security risks for exposed ...

MongoDB warns of a critical security vulnerability affecting recent versions. Admins should patch immediately.

Weirdly, a public exploit and technical details are available online, showing how attackers can trigger the vulnerability and remotely extract secrets, credentials, and other sensitive data.