A critical vulnerability called MongoBleed (CVE-2025-14847) affects numerous MongoDB versions and is actively exploited, exposing over 80,000 servers worldwide. Attackers can remotely extract sensitive data such as credentials and API keys without requiring authentication, prompting urgent patching and detection efforts. #MongoBleed #CVE-2025-14847
Keypoints
- The MongoBleed vulnerability affects multiple MongoDB versions dating back to 2017.
- Exploitation allows attackers to leak secrets by causing memory buffer leaks during network message processing.
- The flaw is triggered before authentication, enabling credential theft without access credentials.
- Over 87,000 vulnerable MongoDB instances are accessible from the public internet worldwide.
- MongoDB addressed the issue with patches and recommends disabling zlib or upgrading to safe versions.