On December 19, 2025, MongoDB disclosed a serious security flaw known as MongoBleed (CVE-2025-14847). The vulnerability lets unauthenticated attackers read sensitive heap memory by abusing a flaw in the way MongoDB Server processes zlib-compressed network traffic. Because the issue is triggered before authentication, an attacker needs only network access to MongoDB’s default port to exploit it.
Key aspects of the threat include:
- Vulnerability: CVE-2025-14847 is a critical unauthenticated memory disclosure flaw in MongoDB Server’s handling of zlib-compressed messages, with a CVSS score of 8.7.
- Impact: Exposed memory may contain highly sensitive information, including plaintext credentials, API keys, session tokens, and personally identifiable information (PII).
- Status: Active exploitation has been confirmed in the wild. A public proof-of-concept exploit is available, and on December 29, 2025, CISA added the vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog based on evidence of ongoing attacks.
CVE-2025-14847 Technical Details
The MongoBleed vulnerability stems from a flaw in how MongoDB handles zlib-compressed wire-protocol messages, a capability that is enabled by default. These messages are carried in an OP_COMPRESSED message, whose header wraps the original payload and declares the expected size of the decompressed data in the uncompressedSize field.
The attack unfolds as follows:
1 - An unauthenticated attacker transmits a specially crafted compressed request to a vulnerable MongoDB instance.
2 - The attacker alters the uncompressedSize field in the OP_COMPRESSED header, inflating it far beyond the actual size of the compressed payload.
3 - MongoDB does not properly validate this value and allocates an excessively large memory buffer based on the attacker-controlled size. As a result, the buffer contains uninitialized heap memory, including residual data from prior operations.
4 - The exposure is worsened by MongoDB’s error-handling behavior. When the malformed BSON message lacks a null terminator, the server keeps reading memory until it encounters one. When parsing eventually fails, MongoDB returns an error response that includes both the malicious input and the leaked heap memory.
By repeatedly sending such malformed requests, an attacker can gradually exfiltrate substantial portions of server memory. MongoDB has already deployed a fix for its managed Atlas customers; organizations running self-hosted MongoDB servers must apply the patch manually.
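The mismatch the steps above describe (a declared uncompressedSize that the zlib payload cannot actually produce) is observable in captured traffic, so a defender can check for it without touching the server. The following Python is an added example for this page, not code from MongoDB or from the advisory: it parses the public OP_COMPRESSED wire format (16-byte standard header, then originalOpcode, uncompressedSize and compressorId), inflates zlib payloads under a hard cap, and reports headers whose declared size is out of range or disagrees with what the payload really decompresses to. The 48 MB ceiling is taken from MongoDB’s documented maximum message size and is an assumption of this example; the sample messages are constructed inline purely as test input for the detector.

```python
import struct
import zlib

# MongoDB wire-protocol constants (public protocol definition).
OP_COMPRESSED = 2012
OP_MSG = 2013
COMPRESSOR_ZLIB = 2
MSG_HEADER_LEN = 16        # messageLength, requestID, responseTo, opCode (int32 each)
COMPRESSED_PREFIX_LEN = 9  # originalOpcode (int32), uncompressedSize (int32), compressorId (uint8)
HEADER_LEN = MSG_HEADER_LEN + COMPRESSED_PREFIX_LEN
# Assumption: MongoDB's documented maxMessageSizeBytes (48 MB) as the sanity ceiling.
MAX_MESSAGE_SIZE = 48_000_000


def parse_op_compressed(data: bytes):
    """Return OP_COMPRESSED header fields plus payload, or None when `data` is
    shorter than the 25-byte prefix or is not an OP_COMPRESSED message."""
    if len(data) < HEADER_LEN:
        return None
    message_length, request_id, _response_to, op_code = struct.unpack_from("<iiii", data, 0)
    if op_code != OP_COMPRESSED:
        return None
    original_opcode, uncompressed_size, compressor_id = struct.unpack_from(
        "<iiB", data, MSG_HEADER_LEN
    )
    # A bogus messageLength must not turn into a negative slice index.
    end = message_length if 0 <= message_length <= len(data) else len(data)
    return {
        "message_length": message_length,
        "request_id": request_id,
        "original_opcode": original_opcode,
        "uncompressed_size": uncompressed_size,
        "compressor_id": compressor_id,
        "payload": data[HEADER_LEN:end],
    }


def inspect_op_compressed(data: bytes) -> list:
    """Return a list of findings for one captured message; empty means nothing suspicious."""
    hdr = parse_op_compressed(data)
    if hdr is None:
        return []
    findings = []
    declared = hdr["uncompressed_size"]
    if declared < 0 or declared > MAX_MESSAGE_SIZE:
        findings.append(f"uncompressedSize {declared} is outside 0..{MAX_MESSAGE_SIZE}")
    if hdr["compressor_id"] == COMPRESSOR_ZLIB:
        # Inflate under a cap so the detector itself cannot be decompression-bombed;
        # one byte beyond the declared size is enough to notice a payload that is larger.
        cap = min(max(declared, 0), MAX_MESSAGE_SIZE) + 1
        try:
            actual = zlib.decompressobj().decompress(hdr["payload"], cap)
        except zlib.error:
            findings.append("zlib payload does not inflate cleanly")
        else:
            if len(actual) != declared:
                findings.append(
                    f"uncompressedSize claims {declared} bytes but zlib yields {len(actual)}"
                )
    return findings


def build_op_compressed(body: bytes, declared_size=None, request_id=1) -> bytes:
    """Wrap an OP_MSG body in OP_COMPRESSED (zlib). `declared_size` overrides the
    uncompressedSize field; used here only to construct offline test samples."""
    compressed = zlib.compress(body)
    if declared_size is None:
        declared_size = len(body)
    header = struct.pack("<iiii", HEADER_LEN + len(compressed), request_id, 0, OP_COMPRESSED)
    prefix = struct.pack("<iiB", OP_MSG, declared_size, COMPRESSOR_ZLIB)
    return header + prefix + compressed


# Constructed OP_MSG body: flagBits=0, section kind 0, BSON document {"ping": 1}.
PING_BSON = b"\x0f\x00\x00\x00\x10ping\x00\x01\x00\x00\x00\x00"
PING_BODY = b"\x00\x00\x00\x00" + b"\x00" + PING_BSON

if __name__ == "__main__":
    print("benign   :", inspect_op_compressed(build_op_compressed(PING_BODY)))
    print("inflated :", inspect_op_compressed(build_op_compressed(PING_BODY, declared_size=64 << 20)))
```

Run over the OP_COMPRESSED messages from a capture on TCP/27017 (for example, reassembled TCP payloads handed to `inspect_op_compressed` one message at a time), any finding on an unauthenticated connection is worth an alert; a benign client’s declared size always matches what its payload inflates to.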
Attack Vector and Impact
The attack vector is entirely remote and does not require authentication or user interaction. An attacker only needs network-level access to MongoDB’s default service port (TCP/27017) to exploit this vulnerability.
The primary consequence is a severe loss of data confidentiality. While MongoBleed is limited to read-only memory disclosure and cannot be used for remote code execution, the sensitivity of the exposed information makes it highly dangerous. Leaked secrets can be weaponized to facilitate additional compromises, including unauthorized access, large-scale data exfiltration, and lateral movement across the environment.
Affected MongoDB Versions
- Version 8.2: 8.2.0 – 8.2.2
- Version 8.0: 8.0.0 – 8.0.16
- Version 7.0: 7.0.0 – 7.0.27
- Version 6.0: 6.0.0 – 6.0.26
- Version 5.0: 5.0.0 – 5.0.31
- Version 4.4: 4.4.0 – 4.4.29
- All 4.2.x versions
- All 4.0.x versions
- All 3.6.x versions
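Checking a fleet against the list above is the first thing a self-hosted operator needs to do. The following Python is an added example, not a tool from MongoDB or the advisory: it encodes exactly the ranges listed here, parses a version string or the first line of `mongod --version` output (which reads like `db version v7.0.27`), and classifies each host. Versions later than a listed range on a supported branch are reported as not affected because they lie outside the list; branches the list does not mention at all are reported as unknown rather than guessed. The host inventory is constructed sample data.

```python
import re
from typing import Optional, Tuple

# Affected patch ranges exactly as listed in the advisory: (major, minor) -> (first, last).
AFFECTED_RANGES = {
    (8, 2): (0, 2),
    (8, 0): (0, 16),
    (7, 0): (0, 27),
    (6, 0): (0, 26),
    (5, 0): (0, 31),
    (4, 4): (0, 29),
}
# Branches where every release is listed as affected.
AFFECTED_BRANCHES = {(4, 2), (4, 0), (3, 6)}

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Extract major.minor.patch from a bare version or `mongod --version` output."""
    match = VERSION_RE.search(text)
    if not match:
        return None
    major, minor, patch = (int(part) for part in match.groups())
    return (major, minor, patch)


def is_affected(version: Tuple[int, int, int]) -> Optional[bool]:
    """True if inside a listed affected range, False if later than the listed range
    on a listed branch, None if the branch is not covered by the advisory's list."""
    major, minor, patch = version
    if (major, minor) in AFFECTED_BRANCHES:
        return True
    bounds = AFFECTED_RANGES.get((major, minor))
    if bounds is None:
        return None
    first, last = bounds
    return first <= patch <= last


def audit(inventory: dict) -> dict:
    """Map host -> 'affected' | 'not affected' | 'unknown' | 'unparseable'."""
    report = {}
    for host, version_text in inventory.items():
        version = parse_version(version_text)
        if version is None:
            report[host] = "unparseable"
            continue
        verdict = is_affected(version)
        report[host] = {True: "affected", False: "not affected", None: "unknown"}[verdict]
    return report


# Constructed sample inventory (hostnames and versions are made up for the example).
SAMPLE_INVENTORY = {
    "db-prod-01": "db version v7.0.27",
    "db-prod-02": "db version v7.0.28",
    "db-legacy":  "db version v4.2.25",
    "db-lab":     "db version v8.3.0",
    "db-broken":  "connection refused",
}

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE_INVENTORY).items():
        print(f"{host:12s} {verdict}")
```

Treat "unknown" as a prompt to check the branch against MongoDB’s own advisory rather than as a clean result, and note that the check only covers version numbers: a host running a patched binary that has not been restarted still reports the old version until `mongod` is restarted.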