Bleeping Computer

CISA orders feds to patch MongoBleed flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to secure their systems against a high-severity MongoDB flaw that is actively being exploited in attacks.
TechRadar

Thousands of servers exposed as MongoBleed vulnerability exploited

MongoBleed (CVE-2025-14847) leaks sensitive data via uninitialized heap memory exploitation Roughly 87,000 exposed MongoDB instances vulnerable; most located in U.S., China, and Germany Patch released ...
SecurityWeek

Fresh MongoDB Vulnerability Exploited in Attacks

Dubbed MongoBleed, the high-severity flaw allows unauthenticated, remote attackers to leak sensitive information from MongoDB servers. Threat actors started exploiting a high-severity MongoDB ...
The Hacker News

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world. The vulnerability ...
Bleeping Computer

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited in the wild, with over 80,000 potentially vulnerable servers exposed on the ...