fromTheregister3 days agoInformation security'Heartbleed of MongoDB' under active exploitCVE-2025-14847 (MongoBleed) lets unauthenticated remote attackers read uninitialized heap memory via malformed zlib-compressed MongoDB Server packets, risking exposure of credentials and keys.
fromThe Hacker News6 days agoInformation securityNew MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized MemoryA zlib-related length-handling bug in MongoDB (CVE-2025-14847) can let unauthenticated clients read uninitialized heap memory; update recommended.
fromThe Hacker News6 days agoInformation securityNew MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory
