MongoDB News Articles

Threat Brief: MongoDB Vulnerability (CVE-2025-14847)

Database platform MongoDB disclosed CVE-2025-14847, called MongoBleed. This is an unauthenticated memory disclosure vulnerability with a CVSS score of 8.7.

4 weeks ago

US Agencies Have One Week to Fix Critical Database Vulnerability, CISA Warns

A critical MongoDB flaw is being actively targeted by attackers, putting tens of thousands of databases at risk ahead of the CISA deadline.

4 weeks ago

Critical MongoDB Flaw Allows Unauthenticated Memory Data Leaks - IT Security News

  A critical security flaw in MongoDB could allow unauthenticated attackers to extract sensitive data directly from server memory, prompting urgent patching warnings from security researchers and the database vendor.  The vulnerability, tracked as CVE-2025-14847, affects MongoDB’s implementation of ...

1 month ago

Critical 'MongoBleed' Bug Under Attack, Patch Now

The memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers.

MongoBleed threatens databases, but detection tool is available

Open-source tool detects MongoBleed exploitation. Critical MongoDB vulnerability affects 87,000 servers worldwide. Patches available.

Security Affairs newsletter Round 557 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs in your email box

Security Affairs newsletter Round 557 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs in your email box

Lessons From Mongobleed Vulnerability (CVE-2025-14847) That Actively Exploited In The Wild

The cybersecurity community was jolted in late December 2025 when MongoDB disclosed a critical vulnerability dubbed "Mongobleed"

Risky Bulletin: US lifts sanctions on three Intellexa execs

MongoBleed vulnerabilities exploited in the wild; scammers steal a Belgian MP's salary; Coupang hands out $1.2 billion in coupons as hack compensation.

MongoDB stock today: MDB slips as “MongoBleed” vulnerability and patch push stay in focus

MongoDB stock today: MDB slips as “MongoBleed” vulnerability and patch push stay in focus - TechStock²

'Heartbleed of MongoDB' under active exploit

A high-severity MongoDB Server vulnerability, for which proofs of concept emerged over Christmas week, is now under active exploitation, according to the US Cybersecurity and Infrastructure Security...

CISA orders feds to patch MongoBleed flaw exploited in attacks

CISA ordered U.S. federal agencies to patch an actively exploited MongoDB vulnerability (MongoBleed) that can be exploited to steal credentials, API keys, and other sensitive data.

CISA Warns of MongoDB Server Vulnerability(CVE-2025-14847) Exploited in Attacks

CISA added MongoDB Server flaw to its KEV list, that attackers are actively exploiting the vulnerability to access sensitive memory data.

CISA Warns of Actively Exploited MongoDB Server Vulnerability (CVE-2025-14847)

The flaw was added to CISA's Known Exploited Vulnerabilities (KEV) catalog on December 29, 2025, confirming threat actors are actively targeting this security weakness in real-world attacks.

CVE-2025-14847 MongoDB “MongoBleed”: Details, Next Steps | Bitsight

A high-severity vulnerability, CVE-2025-14847, affecting MongoDB Server, “MongoBleed,” is being actively exploited. Read more for technical details & impact.

70,000+ MongoDB Servers Exposed After MongoBleed PoC Released

Over 74,000 MongoDB database servers remain vulnerable to a critical security flaw after proof-of-concept exploit code for the MongoBleed vulnerability.

US and Australian agencies warn MongoBleed vulnerability in MongoDB is under active exploitation - SiliconANGLE

US and Australian agencies warn MongoBleed vulnerability in MongoDB is under active exploitation - SiliconANGLE

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ vulnerable servers worldwide.

MongoBleed Under Active Exploitation: CVE-2025-14847 Puts MongoDB Servers at Severe Risk

Security researchers at Wiz confirmed that tens of thousands of self-hosted MongoDB databases are at immediate risk from this memory-leakage flaw.

MongoBleed Detector Tool Released to Identify MongoDB Vulnerability (CVE-2025-14847)

The MongoBleed Detector, developed by Neo23x0, provides incident responders with an offline analysis capability to scan MongoDB logs

MongoBleed Vulnerability (CVE-2025-14847) Actively Exploited, MongoDB Servers Under Severe Threat

MongoDB has issued an urgent security warning regarding a critical, high-severity vulnerability dubbed "MongoBleed" (CVE-2025-14847).

Fresh MongoDB Vulnerability Exploited in Attacks

Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server memory.

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited in the wild, with over 80,000 potentially vulnerable servers exposed on the public web.

MongoBleed (CVE-2025-14847) Now Exploited in the Wild: MongoDB Servers at Critical Risk

A high-severity unauthenticated information-leak vulnerability in MongoDB Server, dubbed MongoBleed after the infamous Heartbleed bug, is now being actively exploited in real-world attacks.

MongoBleed (CVE-2025-14847) exploited in the wild | Wiz Blog

Detect and mitigate CVE-2025-14847, an unauthenticated information leak vulnerability in MongoDB. Exploitation has been observed in the wild.