GLOBAL SITUATIONMONITORING

482 published briefsUTCFri, Mar 27 17:41:11

Intelligence Tag

Database Security

Defensive measures and architectural controls for preventing unauthorized database access, data exfiltration, and memory-based information leaks

1 intelligence brief← Intelligence Hub

MongoDB MongoBleed CVE-2025-14847: Unauthenticated Memory Leak Under Active Exploitation

A critical pre-authentication memory disclosure vulnerability in MongoDB allows attackers to leak heap memory without credentials. With 87,000+ vulnerable instances globally and active exploitation confirmed, CISA has mandated patches for Federal agencies by January 19, 2026.

Peter Chofield

Jan 4, 2026

3–5 minutes