PT-2025-52440 · Mongodb+1 · Mongodb Server+2

Alan Coopersmith · Published 2025-12-19 · Updated 2026-03-10 · CVE-2025-14847

CVSS v4.0: 8.7
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions: MongoDB versions 3.6 through 8.2.3

Description: MongoDB is vulnerable to a critical remote code execution (RCE) vulnerability (CVE-2025-14847), dubbed "MongoBleed." The flaw stems from improper handling of zlib-compressed protocol headers, which allows an unauthenticated attacker to read uninitialized heap memory. The disclosed memory can contain sensitive information, including credentials, API keys, and other secrets. The vulnerability is actively exploited in the wild, with over 87,000 servers potentially affected. A public proof-of-concept (PoC) exploit is available, increasing the risk of widespread exploitation. The vulnerability affects MongoDB versions 3.6 through 8.2.3. Multiple reports indicate active exploitation by threat actors, and some sources suggest data breaches and compromised systems have already resulted.

Recommendations: MongoDB versions prior to 8.2.3 are vulnerable. Upgrade to version 8.2.3 or later to address this vulnerability. If immediate patching is not possible, disable zlib compression. Implement strict network segmentation to limit exposure. Conduct comprehensive audits of potentially compromised systems. Monitor for unusual unauthenticated traffic.
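The interim mitigation above ("disable zlib compression") is applied on the server through the network message compressor list. The following mongod.conf fragment is an added example written for this advisory, not configuration taken from MongoDB's own documentation or from the original page; it assumes the deployment is configured through the YAML configuration file (the `--networkMessageCompressors` command-line option takes the same comma-separated value). It shows the setting that leaves zlib negotiable beside the corrected setting that removes it while keeping the other compressors available to clients.

```yaml
# mongod.conf (added example, not from the advisory)
#
# net.compression.compressors is the list of compressors the server will
# negotiate with clients. Removing "zlib" prevents any client from selecting
# the zlib-compressed wire protocol path described in CVE-2025-14847.

# --- weak: zlib remains negotiable (this is the effective default list) ---
# net:
#   compression:
#     compressors: snappy,zstd,zlib

# --- mitigated: zlib removed, snappy and zstd still available ---
net:
  bindIp: 127.0.0.1          # assumption: keep the listener off public interfaces
  port: 27017
  compression:
    compressors: snappy,zstd

# --- alternative: turn off wire compression entirely ---
# net:
#   compression:
#     compressors: disabled

security:
  authorization: enabled     # assumption: authentication is enforced regardless of the compressor change
```

After restarting mongod, confirm the running configuration rather than trusting the file: in mongosh, `db.adminCommand({ getCmdLineOpts: 1 })` shows the parsed `net.compression.compressors` value, and `db.version()` shows whether the instance has reached 8.2.3 or later, at which point the compressor change is no longer needed as a mitigation. Drivers that have zlib set as their only compressor will fall back to uncompressed traffic once the server stops offering it, so client-side compressor settings should be reviewed at the same time.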

Tags: Exploit · Fix · RCE

Weakness Enumeration

Related Identifiers

BDU:2025-16225
BIT-MONGODB-2025-14847
CLEANSTART-2026-AT88149
CLEANSTART-2026-DT95939
CLEANSTART-2026-ON55906
CLEANSTART-2026-RG55910
CLEANSTART-2026-RN77098
CLEANSTART-2026-RS39538
CVE-2025-14847

Affected Products

Mongodb Server
Mongodb
Red Os