The Hacker News

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ ...

zlib: Critical vulnerability in untgz tool allows code smuggling – no update yet

A critical vulnerability in the zlib library, included in many operating systems and programs, allows code smuggling.
SecurityWeek

Fresh MongoDB Vulnerability Exploited in Attacks

Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server ...
TechJuice

Critical MongoDB Vulnerability Exposes Servers to Attack

A critical MongoDB vulnerability allows unauthenticated access to databases, raising urgent security risks for exposed servers worldwide.
Dark Reading

Critical 'MongoBleed' Bug Under Attack, Patch Now

The memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers.
InfoWorld

High severity flaw in MongoDB could allow memory leakage

Document database vendor MongoDB has advised customers to update immediately following the discovery of a flaw that could allow unauthenticated users to read uninitialized heap memory.
eWeek

Zlib Security Flaw Exposes Swath of Programs

eSpeaks host Corey Noles sits down with Qualcomm's Craig Tellalian to explore a workplace computing transformation: the rise of AI-ready PCs. Matt Hillary, VP of Security and CISO at Drata, details ...
The Register on MSN

An early end to the holidays: 'Heartbleed of MongoDB' is now under active exploit

You didn't think you'd get to enjoy your time off without a major cybersecurity incident, did you? A high-severity MongoDB Server vulnerability, for which proofs of concept emerged over Christmas week ...