How to find MongoDB instances on your network

ID: f9928010-f002-5bf7-b5ed-d18810057c2f

STIX ID: report--f9928010-f002-5bf7-b5ed-d18810057c2f

Feed Name: runZero Blog

Threat Score: 78/100

Date Published: 2025-12-24

Date Updated: 2026-04-29

Author: Matthew Kienow

MongoDB disclosed a high-severity pre-authentication memory-leak vulnerability (CVE-2025-14847, CVSS 7.5) caused by mismatched length fields in Zlib-compressed protocol headers that can expose uninitialized heap memory and sensitive data. The advisory lists many affected server versions (3.6.x through 8.2.x with specific upgrade cutoffs), states there is evidence of active exploitation, and urges immediate upgrades to the provided patched versions.
