Critical MongoDB Vulnerability: CVE-2025-14847 (MongoBleed)
ID: 4488af67-5b82-5a70-a7a3-862dd2600885
STIX ID: report--4488af67-5b82-5a70-a7a3-862dd2600885
Feed Name: Abstract Security Blog
This report describes CVE-2025-14847 (“MongoBleed”), a high-severity unauthenticated memory-disclosure vulnerability in MongoDB Server caused by improper parsing of zlib-compressed protocol headers. It details affected and patched versions, observable log indicators (a large volume of “Slow query” and InvalidBSON errors), detection queries, mitigation steps (patching, disabling zlib, enabling command error logging), and recommended incident response actions.
