19 matches found
CLEANSTART-2026-QL45485 Security fixes for CVE-2025-14847, CVE-2025-58181, CVE-2025-61727, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499 applied in versions: 7.0.30-r0, 7.0.30-r1, 7.0.31-r0, 7.0.32-r0, 8.2.1-r1
Multiple security vulnerabilities affect the mongodb package. These issues are resolved in later releases. See references for individual vulnerability details...
Security Bulletin: Optional Mongo DB images in IBM Automation Decision Services 24.0.x are affected by CVE-2025-14847
Summary CVE-2025-14847 has been reported for the Mongo DB images shipped with IBM Automation Decision Services 24.0.0 and 24.0.1.. An updated version of the image is available. Vulnerability Details CVEID:CVE-2025-14847 DESCRIPTION: Mismatched length fields in Zlib compressed protocol headers may...
Security Bulletin: Optional Mongo DB images in IBM Cloud Pak for Business Automation 24.0.x are affected by CVE-2025-14847
Summary CVE-2025-14847 has been reported for the Mongo DB images shipped with IBM Cloud Pak for Business Automation 24.0.x. An updated version of the image is available. Vulnerability Details CVEID:CVE-2025-14847 DESCRIPTION: Mismatched length fields in Zlib compressed protocol headers may allow ...
Security Bulletin: MongoDB Enterprised Advanced affected by: Improper Handling of Length Parameter Inconsistency (CVE-2025-14847)
Summary There is a vulnerability in MongoDB Server used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-14847. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-14847 DESCRIPTION: Mismatched length fields in Zlib compressed protocol headers may allow a read of...
Security Bulletin: Vulnerabilities in MongoDB Server might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Zlib which use by MongoDB server. Vulnerability include mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client as described by t...
Security Bulletin: IBM Sterling Transformation Extender is affected by MongoBleed security vulnerability
Summary IBM Sterling Transformation Extender uses MongoDB and is affected by MongoBleed security vulnerability CVE-2025-14847. Vulnerability Details CVEID:CVE-2025-14847 DESCRIPTION: Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an...
Exploit for Improper Handling of Length Parameter Inconsistency in Mongodb
MongoBleed CVE-2025-14847 Scanner and Exploitation Toolkit...
Splunk Enterprise 9.2.0 < 9.2.12, 9.3.0 < 9.3.9, 9.4.0 < 9.4.8, 10.0.0 < 10.0.3 (SVD-2026-0101)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0101 advisory. - Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an...
About Information Disclosure – MongoDB “MongoBleed” (CVE-2025-14847) vulnerability
About Information Disclosure - MongoDB "MongoBleed" CVE-2025-14847 vulnerability. MongoDB is a popular NoSQL database that stores data as JSON-like documents with an optional schema. The project is licensed under the SSPL. A flaw in MongoDB’s handling of the data length parameter during zlib...
Exploit for Improper Handling of Length Parameter Inconsistency in Mongodb
MongoBleed-Pro ☠️ Advanced MongoDB Memory L...
MongoDB Unauthenicated Uninitialized Heap Memory Leak (MongoBleed) (CVE-2025-14847) (Direct Check)
Binary data mongobleeddirectcheck.nbin...
Exploit for Improper Handling of Length Parameter Inconsistency in Mongodb
CVE-2025-...
Exploit for CVE-2025-14847
MongoBleed - CV...
MongoBleed CVE-2025-14847: Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data
Overview On December 19, 2025, MongoDB Inc. disclosed a critical new vulnerability, CVE-2025-14847, which has since been dubbed MongoBleed. This vulnerability is a high-severity unauthenticated memory leak affecting MongoDB, one of the world's most popular document-oriented databases. While...
MongoDB 3.6.x / 4.0.x / 4.2.x / 4.4.x < 4.4.30 / 5.0.x < 5.0.32 / 6.0.x < 6.0.27 / 7.0.x < 7.0.28 / 8.0.x < 8.0.17 / 8.2.x < 8.2.3 Uninitialized Heap Memory Leak (CVE-2025-14847)
The version of MongoDB installed on the remote host is 3.6.x, 4.0.x, 4.2.x, 4.4.x prior to 4.4.30, 5.0.x prior to 5.0.32, 6.0.x prior to 6.0.27, 7.0.x prior to 7.0.28, 8.0.x prior to 8.0.17, or 8.2.x prior to 8.2.3. It is, therefore, affected by a uninitialized heap memeory leak vulnerability: -...
Exploit for CVE-2025-14847
🩸 MongoBleed - CVE-2025-14847 Security Research Lab...
Exploit for CVE-2025-14847
🩸 MongoBleed Scanner High-Performance MongoDB Heap Memory L...
CVE-2025-14847
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3,...
CVE-2025-14847
MongoDB vulnerability CVE-2025-14847 (MongoBleed) arises from mismatched length fields in zlib decompression headers, allowing unauthenticated read of uninitialized heap memory. Affected versions include MongoDB Server 3.6.x and 4.x lines (various latest vulnerable builds), 5.0.x, 6.0.x, 7.0.x, 8...