A threat actor is targeting exposed MongoDB instances in automated data extortion attacks demanding low ransoms from owners to restore the data. The attacker focuses on the low-hanging fruit, ...

Dubbed MongoBleed, the high-severity flaw allows unauthenticated, remote attackers to leak sensitive information from MongoDB servers. Threat actors started exploiting a high-severity MongoDB ...

A researcher has decided to demonstrate how a high-severity MongoDB vulnerability, tracked as CVE-2025-14847 and dubbed MongoBleed, can be exploited and affect multiple supported and legacy MongoDB ...

According to the details about the vulnerability published shortly before Christmas, attackers can exploit a flaw in the zlib compression software to access non-reset dynamic memory (heap memory).

A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory. The vulnerability, tracked as CVE-2025-14847 (CVSS score: 8.7), ...

Update 12/26/25: Article updated to correct that the flaw has not been officially classified as an RCE. MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that ...

MongoDB surpassed third-quarter expectations and lifted its forecast as it benefits from AI and its Atlas platform gains popularity. CEO Chirantan "CJ" Desai said the company is approaching a "once in ...

Dev Ittycheria, who took MongoDB public in 2017, is stepping down as CEO. He's being replaced by Cloudflare executive Chirantan "CJ" Desai, effective Nov. 10. Desai spent the past year as Cloudflare's ...

It’s a bit difficult to imagine, but a man who wears a rubber chicken around his neck and seemingly has never worn a pair of shoes in his life may just have changed Memphis history. We are talking, of ...