MongoDB Unauthenticated Attacker Sensitive Memory Leak
Critical MongoDB Memory Leak
The Situation: A major vulnerability allows unauthenticated attackers to remotely leak sensitive data from MongoDB server memory. No login is required.
CVE: CVE-2025-14847
The Story: A flaw in zlib compression allows attackers to trigger information leakage. By sending malformed network packets, an attacker can extract fragments of private data.