Threat Brief: MongoDB Vulnerability (CVE-2025-14847) Database platform MongoDB disclosed CVE-2025-14847, called MongoBleed. This is an unauthenticated memory disclosure vulnerability with a CVSS score of 8.7.

#MongoBleed vulnerability CVE-2025-14847 can expose sensitive data from heap memory. This includes cleartext credentials, API keys, session tokens and PII. Read our latest Threat Brief for details: bit.ly/4qVOkOM

流程

ouput

MongoDB爆出高危内存泄露漏洞CVE-2025-14847（代号MongoBleed），攻击者可通过特制压缩包远程读取服务器内存中的密钥、会话令牌等敏感信息。

影响版本：4.4.x至8.2.x全线版本

mp.weixin.qq.com/s/D647GdoQGx...

#数据库安全 #漏洞防护 #MongoDB #网络安全 #哪吒网络安全 #MongoBleed #CVE-2025-14847 #poc

Urgent Security Update: Patching “Mongobleed” (CVE-2025-14847) in Percona Server for MongoDB At Percona, our mission has always been to provide the community with truly open-source, enterprise-...

#MongoDB #Percona #Software #mongobleed #percona #server #for #MongoDB

Origin | Interest | Match

Urgent Security Update: Patching “Mongobleed” (CVE-2025-14847) in Percona Server for MongoDB At Percona, our mission has always been to provide the community with truly open-source, enterprise-...

#MongoDB #Percona #Software #mongobleed #percona #server #for #MongoDB

Origin | Interest | Match

Ein neues #OpenSource -Tool hilft, #MongoDB -Server auf Spuren von Angriffen durch die Schwachstelle MongoBleed zu analysieren. Der #MongoBleed Detector von Florian Roth kann lokal und remote eingesetzt werden, um Missbrauch zu erkennen und bietet verschiedene Analysemethoden.

One more side project? 🙃
🥭🩸🍯
#mongobleed #CVE-2025-14847

CVE-2025-14847 MongoBleed in the Wild: ネットワークメタデータによるMongoDBの露出と悪用の特定 by Fabien Guillot CVE-2025-14847「MongoBleed」は重大なメモリリークを露呈しますVectra ネットワーク内の脆弱なMongoDBインスタンスを検出する方法を学びましょう。

うげー

#mongobleed

ja.vectra.ai/blog/cve-202...

NB399: Lockbit5 teistert Benelux en MongoBleed treft Ubisoft naast Chinese spionagedreiging / Nieuwsbrief berichten / Nieuwsbrief archief / Menu Nieuws & Trends | Cybercrimeinfo.nl NB399: Lockbit5 valt Benelux aan en MongoBleed treft Ubisoft. Lees alles over Chinese spionage, AI-dreigingen en DDoS-aanvallen in dit weekoverzicht.

👉 Artikel: www.ccinfo.nl/menu-nieuws-...

🎙️ Discussiepodcast over het nieuws van afgelopen week. (spotify)
open.spotify.com/episode/4Yi5...

#Lockbit5 #MongoBleed #Cybersecurity #Ransomware #ChineseSpionage
#Nieuwsbrief #Discussiepodcast

CISA Directs Feds To Patch MongoBleed
Read More: buff.ly/OSPAY1T

#MongoBleed #MongoDBSecurity #CISAKEV #ActiveExploitation #DatabaseVulnerabilities #PatchNow #CloudRisk #InfosecAlert

MongoDB CVE 2025 14847 Under Exploit Now
Read More: buff.ly/f1JJIMJ

#MongoBleed #MongoDBSecurity #CVE202514847 #ActiveExploitation #DatabaseSecurity #MemoryLeak #CloudRisk #PatchNow #InfosecAlert

CVE-2025-14847 (MongoBleed) — A High-Severity Memory Leak in MongoDB The mongobleed vulnerability allows an unauthenticated remote attacker with network access to extract fragments of uninitialized server memory

CVE-2025-14847 (MongoBleed) — A High-Severity Memory Leak in MongoDB A high severity vulnerability, referred to as “mongobleed” (CVE-2025-14847) has been identified in most versions of MongoD...

#MongoDB #mongobleed

Origin | Interest | Match

🫤 We know the *last* thing you want to deal with on Dec 31st is a new vuln. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.

Our team already updated the Network Scanner to find this info disclosure flaw that's currently letting unauth attackers leak MongoDB server info.

Cont👇

#CISA orders feds to patch #MongoBleed flaw exploited in attacks

www.bleepingcomputer.com/news/security/cisa-order...

#potatosecurity

Santa Mongo gave everyone free Rainbow Six points for Christmas #mongobleed

PSA: #MongoBleed is a buffer over-read/out-of-bounds read, NOT a memory leak. A memory leak is when you never release memory, so you're literally running out of it due to a leak.

Thank you for your attention on this matter.

Can't fucking wait for all #MongoBleed leaks to come out at new years (at midnight?).... :'D

Rumor: Ubisoft Hacked in Massive 900GB 'MongoBleed' Data Breach — NeonLightsMedia Reports indicate hackers may have stolen 900GB of Ubisoft data, including source code from the 90s to unreleased titles. Here is the latest on the leak.

Rumor has it Ubisoft got hit by a massive hack. Attackers allegedly stole 900GB of source code spanning 30 years. The irony of "get comfortable not owning your games" is not lost on anyone.

www.neonlightsmedia.com/blog/ubisoft...

#Ubisoft #GamingNews #CyberSecurity #Hack #Mongobleed

⚠️ CVE-2025-14847 (#MongoBleed) is a critical #MongoDB vulnerability that allows a remote attacker to read sensitive data from the server’s memory without requiring authentication.

Patch immediately (8.2.3, 8.0.17+). Read our security advisory for more information: coralogix.tech/45tPEjk

Ubisoft Shuts Down Rainbow Six Siege After MongoDB Exploit Hits Players Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Ubisoft shuts down Rainbow Six Siege after the new #MongoBleed exploit hit players, causing account chaos and forcing rollback of in‑game transactions.

Read: hackread.com/mongodb-expl...

#Cybersecurity #Vulnerability #Gaming #RainbowSixSiege #Ubisoft

Critical MongoDB Uninitialized Memory Disclosure Vulnerability [CVE-2025-14847] #MongoBleed

From Censys scanning, we're seeing around 87,000 possibly vulnerable hosts

https://censys.com/advisory/cve-2025-14847

MongoBleed CVE-2025-1484: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data On December 19, 2025, MongoDB Inc. disclosed a critical new vulnerability, CVE-2025-14847, which has since been dubbed MongoBleed. This vulnerability is a high-severity unauthenticated memory leak aff...

🚨 On 12/19/25, MongoDB Inc. disclosed a critical new vuln. affecting #MongoDB – one of the most popular document-oriented databases.

CVE-2025-14847, or #MongoBleed, is a high-severity unauthenticated memory leak. More in the Rapid7 blog: r-7.co/4piWbER

🛑 MongoBleed - MongoDB - CVE-2025-14847

En l'exploitant, un attaquant peut obtenir le contenu de la RAM, ce qui permet de récupérer des infos sensibles (clés d'API, tokens, mots de passe...)

👇 + d'infos
- www.it-connect.fr/mongobleed-f...

#MongoDB #MongoBleed #infosec #cybersecurite

🔍 Are you vulnerable to MongoBleed?

Check your MongoDB version:
mongod --version

Check if zlib compression is enabled:
mongo --eval 'db.adminCommand({ getParameter:1, networkMessageCompressors:1 })'

If zlib + unpatched = risk ⚠️

#MongoBleed #Vulnerability #SecOps #BlueTeam

MongoBleed threatens databases, but detection tool is available An open-source detection tool should help organizations detect exploitation of MongoBleed (CVE-2025-14847). The critical vulnerabilit...

#Security #CVE-2025-14847 #database #MongoBleed #Mongodb #vulnerability

Origin | Interest | Match

🚨 MongoDB Security Alert 🚨
A critical vulnerability called MongoBleed (CVE-2025-14847) is being actively exploited.
#MongoDB #MongoBleed #CVE2025 #CyberSecurity #DatabaseSecurity #DataBreach #CloudSecurity #ITSecurity #InfoSec #CyberThreat #TechAlert

Awakari App

Fresh MongoDB Vulnerability Exploited in Attacks Dubbed MongoBleed, the high-severity flaw allows unauthenticated, remote attackers to leak sensitive information from MongoDB servers. The post Fres...

#Vulnerabilities #exploited #MongoBleed #MongoDB #vulnerability

Origin | Interest | Match

Original post on securityweek.com

Fresh MongoDB Vulnerability Exploited in Attacks Dubbed MongoBleed, the high-severity flaw allows unauthenticated, remote attackers to leak sensitive information from MongoDB servers. The post Fres...

#Vulnerabilities #exploited #Featured #MongoBleed […]

[Original post on securityweek.com]