SecurityWeek

Fresh MongoDB Vulnerability Exploited in Attacks

Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server ...

"MongoBleed": Exploit for critical vulnerability in MongoDB makes attacks easier

Those responsible for a MongoDB instance cannot rest easy: an exploit for a critical vulnerability makes upgrades even more ...
The Hacker News

New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory

High-severity CVE-2025-14847 allows unauthenticated attackers to read uninitialized heap memory in MongoDB due to a zlib ...

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited ...
GovInfoSecurity

75,000 MongoDBs Exposed as Attackers Exploit 'MongoBleed'

Tens of thousands of internet-exposed MongoDB databases are at risk as attackers actively target a critical vulnerability in ...
Techzine Europe

MongoBleed threatens databases, but detection tool is available

Research by The Shadowserver Foundation shows that 74,854 MongoDB servers are still vulnerable to the “MongoBleed” ...
The Register on MSN

An early end to the holidays: 'Heartbleed of MongoDB' is now under active exploit

You didn't think you'd get to enjoy your time off without a major cybersecurity incident, did you? A high-severity MongoDB ...

MongoDB warns admins to patch severe vulnerability immediately

MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that may be exploited by ...