US EditionU.S. CISA Adds a Flaw in MongoDB Server to Its Known Exploited Vulnerabilities Catalog
This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.9 Articles
9 Articles
U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a MongoDB Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a MongoDB Server vulnerability, tracked as CVE-2025-14847 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. The recently disclosed MongoDB vulnerability CVE-2025-14847 (aka MongoBleed) is being actively exploited, wit…
MongoDB stock slides as “MongoBleed” exploitation warning puts database security in focus
NEW YORK, December 29, 2025, 15:18 ET — Regular session MongoDB Inc (MDB) shares were down about 2.2% at $426.35 in afternoon trading on Monday, after swinging between $421.11 and $435.80 earlier in the session. The decline put a spotlight on a cyber risk that can matter quickly for database providers: patching cadence. When a vulnerability can be exploited without a login, security teams often move to lock down internet exposure before they do …
Threat Actors Exploiting Critical ‘MongoBleed’ MongoDB Flaw
A high-severity flaw in MongoDB instances could allow unauthenticated remote bad actors to leak sensitive data from MongoDB servers. Dubbed "MongoBleed," the security flaw is being exploited in the wild after a PoC exploit and technical details were published. MongoDB has released patches to protect against exploitation. The post Threat Actors Exploiting Critical ‘MongoBleed’ MongoDB Flaw appeared first on Security Boulevard.
MongoDB warns that a major security flaw impacts many versions of its database. The flaw is numbered CVE-2025-14847. The relevant versions are:MongoDB 8.2.0 through 8.2.2MongoDB 8.0.0 through 8.0.16MongoDB 7.0.0 through 7.0.26MongoDB 6.0.0 through 6.0.26MongoDB 5.0.0 through 5.0.31MongoDB 4.4.0 through 4.4.29All MongoDB Server v4.2 versionsAll MongoDB Server v4.0 versionsAll MongoDB Server v3.6 versionsThe editor advises to update without delay …
Critical 'MongoBleed' Flaw Exploited In The Wild To Leak Database Secrets
The cybersecurity world is facing a "Heartbleed" moment for the NoSQL era. A critical vulnerability in MongoDB, the world’s most popular non-relational database, is being actively exploited in the wild, allowing unauthenticated attackers to "bleed" sensitive memory directly from server processes. Dubbed "MongoBleed" and tracked as CVE-2025-14847, the flaw represents a catastrophic breakdown in how MongoDB handles compressed data. According to re…
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium
