Holiday disruption: ‘MongoBleed’ zlib bug (CVE-2025-14847) in MongoDB now exploited
TL;DR CISA says a high-severity MongoDB Server flaw, CVE-2025-14847, is being actively exploited after proof-of-concept code surfaced over Christmas. The…
MongoDB Server Security Update, December 2025 — CVE-2025-14847 (Mongobleed) Response
TL;DR MongoDB’s security team discovered a vulnerability (CVE-2025-14847, nicknamed “Mongobleed”) on December 12, 2025 and issued patches across Atlas, Enterprise,…
MongoBleed (CVE-2025-14847): how a zlib bug exposes MongoDB heap data
TL;DR MongoBleed (CVE-2025-14847) is a zlib compression bug in MongoDB that can let unauthenticated attackers read uninitialized heap memory. The…
Public GitHub ‘mongobleed’ repo references CVE-2025-14847 MongoDB exploit
TL;DR A public GitHub repository named 'mongobleed' hosts a Python file whose latest commit labels it as a CVE-2025-14847 "MongoDB…