A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ ...
The memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers.
Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server ...
A recently disclosed vulnerability affecting MongoDB instances has been reportedly exploited in the wild. Exploit code has been released for this flaw dubbed MongoBleed.Key takeaways:MongoBleed is a ...
CISA ordered U.S. federal agencies to patch an actively exploited MongoDB vulnerability (MongoBleed) that can be exploited to ...
Tens of thousands of internet-exposed MongoDB databases are at risk as attackers actively target a critical vulnerability in ...
A critical MongoDB vulnerability allows unauthenticated access to databases, raising urgent security risks for exposed servers worldwide.
Those responsible for a MongoDB instance cannot rest easy: an exploit for a critical vulnerability makes upgrades even more urgent now.
Research by The Shadowserver Foundation shows that 74,854 MongoDB servers are still vulnerable to the “MongoBleed” ...
Update 12/26/25: Article updated to correct that the flaw has not been officially classified as an RCE. MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback