Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More

"A newly disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world. The vulnerability in question is CVE-2025-14847 (CVSS score: 8.7), which allows an unauthenticated attacker to remotely leak sensitive data from the MongoDB server memory. It has been codenamed MongoBleed. The exact details surrounding the nature of attacks exploiting the flaw are presently unknown."
"Users are advised to update to MongoDB versions 8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32, and 4.4.30. Data from attack surface management company Censys shows that there are more than 87,000 potentially vulnerable instances, with a majority of them located in the U.S., China, Germany, India, and France. Wiz noted that 42% of cloud environments have at least one instance of MongoDB in a version vulnerable to CVE-2025-14847. This includes both internet-exposed and internal resources."
Multiple concurrent, smaller incidents defined the end of 2025 as trusted tools behaved unexpectedly and old vulnerabilities resurfaced. A critical MongoDB flaw, CVE-2025-14847 (MongoBleed), enables unauthenticated remote leakage of server memory, and more than 87,000 potentially vulnerable instances were identified worldwide. Users were instructed to update to specified MongoDB versions. Attackers abused access intended for work, updates, or support, and weaponized newly disclosed flaws almost immediately. A compromise of the Trust Wallet Chrome extension resulted in roughly $7 million in losses, and users were urged to update. Remediation lag allowed damage to continue surfacing months or years later.
Read at The Hacker News