A critical MongoDB vulnerability (CVE-2025-14847, CVSS 8.7) dubbed MongoBleed is being actively exploited worldwide. The flaw in zlib compression allows unauthenticated attackers to remotely leak sensitive data from server memory by sending malformed network packets. Over 87,000 potentially vulnerable instances have been identified globally, with 42% of cloud environments affected. The vulnerability affects MongoDB servers with default zlib compression enabled and can expose user information, passwords, and API keys without authentication. Patches are available in versions 8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32, and 4.4.30. Temporary mitigations include disabling zlib compression and restricting network exposure.
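The following is an added triage helper, not code from the article or from MongoDB: given a mongod version string and its configured compressor list, it checks the version against the fixed releases named above and reports whether the zlib workaround is still needed. It assumes the operator supplies the version (for example from `db.version()`) and the value of the `net.compression.compressors` setting in mongod.conf; the verdict strings and helper names are the author's own.

```shell
#!/bin/sh
# Fixed versions listed in the advisory, keyed by release branch (MAJOR.MINOR).
fixed_for_branch() {
  case "$1" in
    8.2) echo 8.2.3 ;;
    8.0) echo 8.0.17 ;;
    7.0) echo 7.0.28 ;;
    6.0) echo 6.0.27 ;;
    5.0) echo 5.0.32 ;;
    4.4) echo 4.4.30 ;;
    *)   echo "" ;;
  esac
}

# branch_of 8.0.16 -> 8.0
branch_of() {
  v="$1"; rest=${v#*.}
  echo "${v%%.*}.${rest%%.*}"
}

# is_patched MAJOR.MINOR.PATCH -> exit 0 if at or above the branch's fixed version.
is_patched() {
  v="$1"; rest=${v#*.}; patch=${rest#*.}
  fixed=$(fixed_for_branch "$(branch_of "$v")")
  [ -n "$fixed" ] || return 1
  [ "$patch" -ge "${fixed##*.}" ]
}

# zlib_enabled "snappy,zstd,zlib" -> exit 0 if zlib is in the list.
zlib_enabled() {
  case ",$1," in
    *,zlib,*) return 0 ;;
    *)        return 1 ;;
  esac
}

# triage VERSION COMPRESSORS -> one-line verdict for the operator.
triage() {
  if [ -z "$(fixed_for_branch "$(branch_of "$1")")" ]; then
    echo "branch not listed in advisory: check vendor notes"
  elif is_patched "$1"; then
    echo "patched"
  elif zlib_enabled "$2"; then
    echo "vulnerable: upgrade; meanwhile remove zlib from net.compression.compressors"
  else
    echo "unpatched but zlib disabled: upgrade soon"
  fi
}
```

Run it as `triage "$(mongosh --quiet --eval 'db.version()')" "snappy,zstd,zlib"` with the compressor list copied from your mongod.conf; an empty list in the config means the server default, which the article says includes zlib.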

Source: thehackernews.com