MongoBleed

Memory disclosure flaw in MongoDB compression handlers enabling heap data exfiltration from vulnerable servers

Cyber News & Updates

MongoDB MongoBleed CVE-2025-14847: Unauthenticated Memory Leak Under Active Exploitation

A critical pre-authentication memory disclosure vulnerability in MongoDB allows attackers to leak heap memory without credentials. With 87,000+ vulnerable instances globally and active exploitation confirmed, CISA has mandated patches for…
Read more →

Peter Chofield

·

Jan 4, 2026

·

3–5 minutes