MongoBleed Vulnerability Actively Exploited in the Wild
Summary
A newly disclosed security vulnerability in MongoDB, codenamed MongoBleed (CVE-2025-14847), is being actively exploited in the wild. The flaw allows unauthenticated attackers to remotely leak sensitive data from MongoDB server memory. Over 87,000 potentially susceptible instances have been identified globally, with a majority located in the U.S., China, Germany, India, and France. Users are advised to update to the latest versions of MongoDB to mitigate the risk. The vulnerability has a CVSS score of 8.7 and affects multiple versions of MongoDB. Wiz reported that 42% of cloud environments have at least one instance of MongoDB vulnerable to this flaw.
Timeline
- 29.12.2025 15:38 (1 article)
MongoBleed Vulnerability Actively Exploited in the Wild
A newly disclosed security vulnerability in MongoDB, codenamed MongoBleed (CVE-2025-14847), is being actively exploited in the wild. The flaw allows unauthenticated attackers to remotely leak sensitive data from MongoDB server memory. Over 87,000 potentially susceptible instances have been identified globally, with a majority located in the U.S., China, Germany, India, and France. Users are advised to update to the latest versions of MongoDB to mitigate the risk.
Sources:
- ⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More — thehackernews.com — 29.12.2025 15:38
Information Snippets
- MongoBleed (CVE-2025-14847) allows unauthenticated attackers to remotely leak sensitive data from MongoDB server memory.
  First reported: 29.12.2025 15:38 (1 source, 1 article)
  Sources:
  - ⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More — thehackernews.com — 29.12.2025 15:38
- Over 87,000 potentially vulnerable MongoDB instances have been identified globally.
  First reported: 29.12.2025 15:38 (1 source, 1 article)
  Sources:
  - ⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More — thehackernews.com — 29.12.2025 15:38
- The majority of vulnerable instances are located in the U.S., China, Germany, India, and France.
  First reported: 29.12.2025 15:38 (1 source, 1 article)
  Sources:
  - ⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More — thehackernews.com — 29.12.2025 15:38
- Wiz reported that 42% of cloud environments have at least one instance of MongoDB vulnerable to CVE-2025-14847.
  First reported: 29.12.2025 15:38 (1 source, 1 article)
  Sources:
  - ⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More — thehackernews.com — 29.12.2025 15:38
- Users are advised to update to MongoDB versions 8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32, and 4.4.30 to mitigate the risk.
  First reported: 29.12.2025 15:38 (1 source, 1 article)
  Sources:
  - ⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More — thehackernews.com — 29.12.2025 15:38
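
A patch-level check of an inventory against the fixed versions listed above, added here as an example and not taken from MongoDB or the cited article. It assumes version strings as reported by `db.version()`; the hostnames and versions in the sample are constructed, and release branches the page does not list are reported as unknown rather than assumed safe.

```python
import re

# Fixed patch release per branch, as listed in the advisory text above.
FIXED = {(8, 2): 3, (8, 0): 17, (7, 0): 28, (6, 0): 27, (5, 0): 32, (4, 4): 30}
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.]+)?$")


def triage(version):
    """Return 'update', 'patched' or 'unknown' for one version string."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "unknown"  # unparseable: needs a manual look
    major, minor, patch = int(m[1]), int(m[2]), int(m[3])
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        return "unknown"  # branch not listed on the page: do not assume safe
    if patch < fixed_patch:
        return "update"
    if patch == fixed_patch and m[4]:
        return "unknown"  # suffix may be a release candidate or vendor build
    return "patched"


def triage_inventory(inventory):
    """Group hosts by triage result; keys ordered most urgent first."""
    report = {"update": [], "unknown": [], "patched": []}
    for host, version in sorted(inventory.items()):
        report[triage(version)].append(host)
    return report


# Constructed sample inventory: hostnames and versions are made up.
SAMPLE = {
    "db-a.example.internal": "8.0.17",
    "db-b.example.internal": "7.0.14",
    "db-c.example.internal": "8.2.3-rc0",
    "db-d.example.internal": "4.2.24",
    "db-e.example.internal": "v6.0.30",
}

if __name__ == "__main__":
    for status, hosts in triage_inventory(SAMPLE).items():
        print(f"{status:8} {', '.join(hosts) or '-'}")
```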