CVE-2025-14847
Published Dec 19, 2025
Last updated 3 months ago
- Description: Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 versions prior to 7.0.28, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.
- Source: cna@mongodb.com
- NVD status: Analyzed
- Products: mongodb
CVSS 4.0
- Type: Secondary
- Base score: 8.7
- Impact score: -
- Exploitability score: -
- Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity: HIGH
CVSS 3.1
- Type: Secondary
- Base score: 7.5
- Impact score: 3.6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity: HIGH
Data from CISA
- Vulnerability name: MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability
- Exploit added on: Dec 29, 2025
- Exploit action due: Jan 19, 2026
- Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- cna@mongodb.com: CWE-130
🚨 Critical MongoDB Vulnerability (MongoBleed) CVE-2025-14847 exposes sensitive data from MongoDB instances. Securelic explains the risk and the immediate fix. Stay ahead of attackers! 💻🔒 Read here https://t.co/Cdmq8394mA #MongoDB #CyberSecurity #Securelic #Vulnerability
@securelic
10 Mar 2026
97 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 February Linux Patch Wednesday: 632 vulns (305 in Linux Kernel), 2 exploited in the wild - 💥 RCE Chromium (CVE-2026-2441), 🔓 MongoBleed in MongoDB (CVE-2025-14847) + 56 w/ public exploits. #LinuxPatchWednesday #Vulristics #Linux ➡️ https://t.co/KGxQ5P7kkL https://t
@leonov_av
20 Feb 2026
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The MongoBleed disclosure (CVE-2025-14847) is a perfect example of why timing matters. CybrPulse flagged it 6 hours before CISA KEV. That's your patch window. Early detection isn't about being smart. It's about survival. https://t.co/KKfblcysr4
@CybrPulse
20 Feb 2026
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 MongoBleed (CVE-2025-14847): Critical unauthenticated memory disclosure in MongoDB 4.4-8.0 No creds needed. Just send a malformed zlib message and read server memory — credentials, query results, encryption keys. 200,000 exposed instances. Patch NOW. https://t.co/KKfblc
@CybrPulse
20 Feb 2026
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I put together a talk about CVE-2025-14847 (Mongobleeding), which happened in December. I'll show how to exploit it and how to protect yourself, and talk about the Mongo Wire Protocol, heap allocation, Queryable Encryption and compression. If you're around Floripa: https://t.co/kAIDQ4xes7 https://t.co/D0wlN
@dvorlandi
18 Feb 2026
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 MongoBleed [High] Feb 10, 2026 MongoBleed (CVE-2025-14847) is a heap-memory disclosure vulnerability in MongoDB Server. It arises in the server’s zlib compression handling logic, specifically in how it parses compressed network messages. By sending specially crafted https:
@transilienceai
10 Feb 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mongobleed - CVE-2025-14847 https://t.co/HXGx6VA4y9
@_r_netsec
6 Feb 2026
501 Impressions
3 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2025-14847 - MongoBleed vulnerability exploited in the wild https://t.co/GDqWjJvOuF https://t.co/QXBmIRuvKL
@SirajD_Official
6 Feb 2026
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-14847 - MongoBleed vulnerability exploited in the wild https://t.co/lGFLqw4Rpo https://t.co/XkR3Vi53Iq
@SirajD_Official
6 Feb 2026
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
MongoBleed vulnerability CVE-2025-14847 can expose sensitive data from heap memory. This includes cleartext credentials, API keys, session tokens and PII. Read Unit 42's latest Threat Brief for details. https://t.co/2yniKCLNpD
@cu1993
1 Feb 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Brief: MongoDB Vulnerability (CVE-2025-14847) Severity: MEDIUM https://t.co/1j6aK3L0jT #CyberSecurity #ThreatIntel https://t.co/CX5rsGeiYR
@OneData131
1 Feb 2026
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
MongoBleed: Critical MongoDB Vulnerability CVE-2025-14847 - custom Nuclei template (see below) designed to deterministically and safely detect if a MongoDB server is vulnerable to CVE-2025-14847, without exfiltrating data. https://t.co/PBMg62zBec #cyber #threathunting #infosec
@blueteamsec1
1 Feb 2026
657 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
Security alert: CVE-2025-14847 allows unauthenticated heap reads via malformed zlib headers in MongoDB v3.6-8.2. If you run these versions, review NVD details and patch now: https://t.co/nJvYe1yUpP #MongoDB #Security
@NoSQLNerd
30 Jan 2026
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Security alert: CVE-2025-14847 allows unauthenticated heap reads via malformed zlib headers in MongoDB v3.6-8.2. If you run these versions, review NVD and patch ASAP: https://t.co/nJvYe1yUpP #MongoDB #Security
@NoSQLNerd
30 Jan 2026
61 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical MongoDB flaw (CVE-2025-14847): unauthenticated heap reads via malformed zlib headers. Affects v3.6–8.2 and public exploits exist — review the NVD details and patch ASAP: https://t.co/nJvYe1yUpP #MongoDB #Security
@NoSQLNerd
29 Jan 2026
82 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical MongoDB Flaw Exposes Heap Memory CVE-2025-14847 (“MongoBleed”) allows unauthenticated attackers to read uninitialized heap memory via malformed Zlib headers. Affected: MongoDB v3.6–8.2 Public exploits are live. https://t.co/YFqB3C0vxq #CVE202514847 #MongoBleed
@TuringCyberObs
29 Jan 2026
125 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
MongoBleed (CVE-2025-14847) Information Leak Vulnerability Exploited in the Wild by Peled Eldan and Erez Hasson from XM Cyber - December 31, 2025. https://t.co/1H6DLuza2t https://t.co/lCn4U8ECd7
@InfoSecSherpa
29 Jan 2026
255 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
MongoBleed (CVE-2025-14847): analysis of an 8-year memory leak that exposed MongoDB data. Read technical breakdown, impact, and patch advice: https://t.co/cZRYwfdfYF #MongoDB #security
@NoSQLNerd
27 Jan 2026
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-14847 - MongoDB Unauthenticated Memory Leak Exploit - A proof-of-concept exploit for the MongoDB zlib decompression vulnerability that allows unauthenticated attackers to leak sensitive server memory. https://t.co/Zr1vQzvHJF #cyber #threathunting #infosec
@blueteamsec1
25 Jan 2026
729 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical: MongoBleed (CVE-2025-14847) — pre-auth memory leak in MongoDB enabling data exfiltration. Wiz shows ~87k exposed instances. If you run MongoDB, read the analysis and apply patches or disable zlib compression now. https://t.co/xjzft7ifPr #MongoDB #CloudSecurity #CVE
@NoSQLNerd
22 Jan 2026
48 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 MongoBleed (CVE-2025-14847) exploited in the wild: pre-auth memory leak in MongoDB via zlib → data exfiltration without authentication. ⚠️ 87k instances exposed, urgent patch required. 🔎 Analysis by Wiz 👉 https://t.co/8wH6Ftzkg6 #CVE #MongoDB #Clou
@Guardia_School
22 Jan 2026
18 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
The #MongoBleed vulnerability (CVE-2025-14847) can leak sensitive data from heap memory. This includes cleartext credentials, API keys, session tokens and PII. For details, the latest Threat Brief
@unit42_jp
20 Jan 2026
1155 Impressions
2 Retweets
3 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 MongoBleed info leak (CVE-2025-14847): unauth memory disclosure in #MongoDB zlib compression, leaks creds/keys/customer data, patched Dec 19, public exploit + mass exploitation Dec 26, CISA KEV Dec 29, ~86k servers exposed (#Censys) #MongoBleed ➡️ https://t.co/0usvfBRyt8
@leonov_av
19 Jan 2026
109 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 MongoDB CVE-2025-14847 mitigated at scale Secured 300+ MongoDB servers with: ✔️ Zero downtime ✔️ Post-patch validation ✔️ Continuous monitoring Security at Mydbops is engineered, not reactive. #MongoDB #DatabaseSecurity #CVE #Mydbops https://t.co/j53KQtNMMR
@MydbopsOfficial
19 Jan 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-14847 - MongoBleed vulnerability exploited in the wild https://t.co/OrMFc1eU6O https://t.co/gj0aRO3BwD
@PhotoZel
18 Jan 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-14847 - MongoBleed vulnerability exploited in the wild https://t.co/JJXXhN9lnY https://t.co/bbc12wNQRR
@CloudVirtues
17 Jan 2026
41 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
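Received an alert about a high-severity MongoDB vulnerability, CVE-2025-14847: MongoDB has a memory information disclosure vulnerability when zlib network compression is enabled. It can be triggered remotely without authentication and may leak sensitive data in memory such as passwords and tokens.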
@nodotbtree
17 Jan 2026
63 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Scan for CVE-2025-14847 with MongoBleed - a high-performance scanner to find vulnerable MongoDB instances. Run it to secure your network: https://t.co/2wHcoVTuzA #MongoDB #infosec #cybersecurity
@NoSQLNerd
16 Jan 2026
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A security vulnerability (CVE-2025-14847, with a CVSS score of 8.7) in @MongoDB servers allows reading parts of uninitialized heap memory without needing to log in or hold prior privileges.
@cyberscastx
16 Jan 2026
576 Impressions
0 Retweets
6 Likes
2 Bookmarks
1 Reply
0 Quotes
🚀 CVE-2025-14847 MongoDB Info Disclosure Scanner 🛠 Exploit crafted zlib packets to reveal sensitive data. Real-time output. 👉 https://t.co/AMz2NBUyQd #exploit #scanner #infosec
@TheExploitLab
16 Jan 2026
95 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Our new post is live on Medium 🚀 CVE-2025-14847 — MongoBleed 🩸 You can access our content via the links below. - [TR] https://t.co/7BSneTQ8Yx - [ENG] https://t.co/AsC2W6pU0V https://t.co/lgWFHxEC1F
@peakcybersec
15 Jan 2026
134 Impressions
3 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical MongoDB flaw CVE-2025-14847 (MongoBleed) allows unauthenticated remote attackers to leak sensitive data via OP_COMPRESSED field manipulation. Over 146,000 instances exposed. #MongoBleed #DataLeak #USA https://t.co/JxsxKJQHod
@TweetThreatNews
14 Jan 2026
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Originally from Unit 42: Threat Brief: MongoDB Vulnerability (CVE-2025-14847) https://t.co/GcKSurJ7pu ( :-{ı▓ #unit42 #threathunting #cyberresearch https://t.co/xXVy8ZyJAz
@Cyb3rR3s34rch
14 Jan 2026
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The cybersecurity community was alarmed in late December 2025 when MongoDB announced a serious vulnerability called “Mongobleed” (CVE-2025-14847). This high-severity flaw allows unauthenticated attackers to steal sensitive data directly from server memory. https://t.co/NI6CuM
@PentestLayer
14 Jan 2026
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical threat alert! Unit 42 uncovers "MongoBleed" (CVE-2025-14847), a serious vulnerability impacting MongoDB. Are your databases at risk? Get the full threat brief for essential details and mitigation steps. #MongoDB #Vulnerability https://t.co/0wKlTxmUlP
@xcybersecnews
14 Jan 2026
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 MongoBleed Exploited in the Wild: Unauthenticated MongoDB Memory Leak Puts Secrets at Risk Unit 42 details CVE-2025-14847 (“MongoBleed”), where attackers can abuse MongoDB’s zlib-compressed OP_COMPRESSED messages to force oversized buffer allocation and leak uninitiali
@ThreatSynop
13 Jan 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 Threat Brief: MongoDB Vulnerability (CVE-2025-14847) • MongoBleed (CVE-2025-14847) is an unauthenticated memory disclosure vulnerability in Mo
@PurpleOps_io
13 Jan 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#MongoBleed vulnerability CVE-2025-14847 can expose sensitive data from heap memory. This includes cleartext credentials, API keys, session tokens and PII. Read our latest Threat Brief for details: https://t.co/qLHfNLdWr5 https://t.co/PPoJFfEFeg
@Unit42_Intel
13 Jan 2026
2503 Impressions
7 Retweets
14 Likes
7 Bookmarks
0 Replies
0 Quotes
CVE-2025-14847: MongoBleed, A Wake-Up Call for MongoDB Security In late 2025 and early 2026, a critical vulnerability in MongoDB, one of the world's most popular NoSQL document databases, drew significant attention. Tracked as CVE-2025-14847 and nicknamed MongoBleed, this flaw ht
@CyberLeveling
13 Jan 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-14847 is still hunting me down QAQ Please no!!!!! #MongoDB
@xuxiaoxiaom
13 Jan 2026
112 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
MongoBleed remains under active exploitation. Have you patched??? “🚨 MongoBleed (CVE-2025-14847, CVSS 8.7) — Actively exploited MongoDB vuln leaking heap memory! Unauth attackers grab creds, API keys, session tokens via zlib compression mishandling. Affects version
@CyberAlliance26
12 Jan 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【Update】Information Disclosure Vulnerability in MongoDB (CVE-2025-14847) https://t.co/DNkBbdbEIn #MongoDB #security #vulnerability
@blog_casting
12 Jan 2026
38 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide 🚨🔒 **MongoDB Vulnerability**: A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified acros
@HackonomicNews
11 Jan 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
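MongoDB has been hit by a high-severity memory leak vulnerability, CVE-2025-14847 (codenamed MongoBleed); attackers can use specially crafted compressed packets to remotely read sensitive information such as keys and session tokens from server memory. Affected versions: all releases from 4.4.x through 8.2.x https://t.co/ifE2sRwjlH #数据库安全 #漏洞防护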
@ctkqiang
10 Jan 2026
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical MongoDB vulnerability (“MongoBleed,” CVE-2025-14847) allows unauthenticated attackers to exfiltrate residual memory from exposed MongoDB instances via a malformed BSON message, with no authentication or user interaction required #MongoDB
@TusharbBorse2
10 Jan 2026
60 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
December 2025 saw major security events: unauthenticated React2Shell RCE (CVE-2025-55182), BRICKSTORM backdoor resurfacing, MongoBleed data exposure (CVE-2025-14847), and EtherRAT leveraging Ethereum smart contracts. #React2Shell #BRICKSTORM #USA https://t.co/PuchGjGbzd
@TweetThreatNews
10 Jan 2026
128 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical MongoDB vulnerability (CVE-2025-14847): US and Australia issued a joint advisory warning state-backed actors are exploiting it. If you run MongoDB, read the analysis and mitigation steps: https://t.co/4A96pJwPY9 #MongoDB #Cybersecurity
@NoSQLNerd
10 Jan 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 MongoBleed (CVE-2025-14847) Actively Exploited: Critical MongoDB Flaw Leaking Passwords & Keys! A severe unauthenticated heap memory leak in MongoDB (CVSS 8.7) is being hammered in the wild since late Dec 2025 exposing creds, API keys, & sensitive data on ~70% of exp
@EagleScoutSec
10 Jan 2026
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attention! 🚨 A serious vulnerability in MongoDB (CVE-2025-14847) could allow takeover of the server. More info: https://t.co/lISpiq9opS #Ciberseguridad #MongoDB
@AlejosAngel
9 Jan 2026
27 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "2FCC5203-4E5E-4B2B-86A1-FD47A097013C",
            "versionEndExcluding": "4.4.30",
            "versionStartIncluding": "3.6.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "CCD1EB22-51EA-4ABC-9E0B-99520670133B",
            "versionEndExcluding": "5.0.32",
            "versionStartIncluding": "5.0.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*",
            "matchCriteriaId": "41ECB5AB-E6D0-412E-802F-839D53076677",
            "versionEndExcluding": "6.0.27",
            "versionStartIncluding": "6.0.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*",
            "matchCriteriaId": "5C9277BB-90FC-4A57-9028-DD57322F1D44",
            "versionEndExcluding": "7.0.28",
            "versionStartIncluding": "7.0.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*",
            "matchCriteriaId": "2F4D674D-CBC0-4412-AF68-6FED8A6394C3",
            "versionEndExcluding": "8.0.17",
            "versionStartIncluding": "8.0.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*",
            "matchCriteriaId": "4302991B-E6CF-4E7B-9B24-BD2355C6F393",
            "versionEndExcluding": "8.2.3",
            "versionStartIncluding": "8.2.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]