Summary

Vulnerability Name: MongoDB Unauthorized Memory Leak (CVE-2025-14847)
Released on: December 29, 2025
Affected Component: MongoDB Server
Affected Versions:
  • 8.2.0 ≤ MongoDB Server ≤ 8.2.2
  • 8.0.0 ≤ MongoDB Server ≤ 8.0.16
  • 7.0.0 ≤ MongoDB Server ≤ 7.0.27
  • 6.0.0 ≤ MongoDB Server ≤ 6.0.26
  • 5.0.0 ≤ MongoDB Server ≤ 5.0.31
  • MongoDB Server ≤ 4.4.29
  • MongoDB Server 4.2
  • MongoDB Server 4.0
  • MongoDB Server 3.6
Vulnerability Type: Memory leak
Exploitation Conditions:
  1. User authentication: not required.
  2. Precondition: default configuration.
  3. Trigger mode: remote.
Impact: Exploitation difficulty: easy. Unauthorized attackers can exploit this vulnerability to leak sensitive information. Severity: critical.
Official Solution: Available

About the Vulnerability

Component Introduction

MongoDB Server is an open-source NoSQL database developed by MongoDB. This database offers a variety of features such as collection-based storage, dynamic queries, data replication, and automatic failover.

Vulnerability Description

On December 29, 2025, Sangfor FarSight Labs received notification of a memory leak vulnerability in MongoDB Server (CVE-2025-14847), classified as critical.

Specifically, MongoDB Server contains a memory leak vulnerability: by sending improperly formatted data packets, an unauthenticated attacker can trigger heap memory errors that cause memory data to be read back, leaking sensitive information.

Affected Versions

The following MongoDB Server versions are affected:

  • 8.2.0 ≤ MongoDB Server ≤ 8.2.2
  • 8.0.0 ≤ MongoDB Server ≤ 8.0.16
  • 7.0.0 ≤ MongoDB Server ≤ 7.0.27
  • 6.0.0 ≤ MongoDB Server ≤ 6.0.26
  • 5.0.0 ≤ MongoDB Server ≤ 5.0.31
  • MongoDB Server ≤ 4.4.29
  • MongoDB Server 4.2
  • MongoDB Server 4.0
  • MongoDB Server 3.6

Solutions

Remediation Solutions

Official Solutions

  • If the version of your MongoDB Server is 8.2.x, promptly update it to 8.2.3.
  • If the version of your MongoDB Server is 8.0.x, promptly update it to 8.0.17.
  • If the version of your MongoDB Server is 7.0.x, promptly update it to 7.0.28.
  • If the version of your MongoDB Server is 6.0.x, promptly update it to 6.0.27.
  • If the version of your MongoDB Server is 5.0.x, promptly update it to 5.0.32.
  • If the version of your MongoDB Server is 4.4.x or earlier, promptly update it to 4.4.30.

Download link: https://github.com/mongodb/mongo/tags

Temporary Solution

Avoid exposing your MongoDB Server to the Internet.
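The two checks a defender needs from this advisory, the version ranges in the remediation list above and the "not exposed beyond localhost" condition of the temporary solution, as an added Python example (not Sangfor's or MongoDB's code). The affected ranges and fixed releases are copied from the advisory text; the exposure check assumes the documented mongod options `net.bindIp` (comma-separated address list) and `net.bindIpAll`. Versions the advisory does not list (for example 8.1.x) are reported as not in any listed range rather than guessed at.

```python
"""Classify a MongoDB Server version against the CVE-2025-14847 ranges in this
advisory and check whether a mongod listener is bound beyond loopback.

Added example for this advisory; not Sangfor's or MongoDB's code.
"""
import ipaddress
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# (lower bound, upper bound, first fixed release), both bounds inclusive,
# taken from the advisory. The last entry covers "4.4.29 and earlier",
# which includes the 4.2, 4.0 and 3.6 lines the advisory also lists.
AFFECTED_RANGES = [
    ((8, 2, 0), (8, 2, 2), "8.2.3"),
    ((8, 0, 0), (8, 0, 16), "8.0.17"),
    ((7, 0, 0), (7, 0, 27), "7.0.28"),
    ((6, 0, 0), (6, 0, 26), "6.0.27"),
    ((5, 0, 0), (5, 0, 31), "5.0.32"),
    ((0, 0, 0), (4, 4, 29), "4.4.30"),
]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Version:
    """Extract major.minor.patch from strings such as '8.0.16', 'v7.0.27' or
    the 'db version v6.0.26' line printed by `mongod --version`.
    Pre-release suffixes (e.g. '-rc0') are ignored."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"unrecognised MongoDB version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def affected_by_cve_2025_14847(text: str) -> Optional[str]:
    """Return the first fixed release to upgrade to if the version falls in an
    affected range listed by the advisory, otherwise None."""
    v = parse_version(text)
    for lo, hi, fixed in AFFECTED_RANGES:
        if lo <= v <= hi:
            return fixed
    return None


def bound_beyond_loopback(bind_ip: str = "localhost", bind_ip_all: bool = False) -> bool:
    """True if the mongod net settings accept connections from anything other
    than the local host, i.e. the listener could be reachable from the
    network. `bind_ip` is the net.bindIp value from mongod.conf; the default
    'localhost' is what the advisory's temporary solution relies on."""
    if bind_ip_all:
        return True
    for item in (a.strip() for a in bind_ip.split(",")):
        if not item or item == "localhost" or item.startswith("/"):
            continue  # empty, loopback name, or a Unix socket path (local only)
        try:
            addr = ipaddress.ip_address(item)
        except ValueError:
            return True  # a hostname we cannot prove is loopback: treat as reachable
        if not addr.is_loopback:  # covers 0.0.0.0 and :: as well as real NIC addresses
            return True
    return False


if __name__ == "__main__":
    # Constructed sample inputs, not output from a real server.
    for sample in ("db version v8.0.16", "7.0.28", "4.2.5", "8.2.3"):
        fixed = affected_by_cve_2025_14847(sample)
        print(f"{sample!r}: {'update to ' + fixed if fixed else 'not in a listed affected range'}")
    print("exposed (bindIp=0.0.0.0):", bound_beyond_loopback("0.0.0.0"))
    print("exposed (bindIp=127.0.0.1,::1):", bound_beyond_loopback("127.0.0.1,::1"))
```

A listener that is bound only to loopback still needs the upgrade; the exposure check only tells you how urgent the window before patching is. A host bound to a private address is not loopback-only either, so the function reports it as reachable and leaves the firewall question to the operator.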

Sangfor Solutions

Risky Asset Discovery

The following Sangfor service can proactively scan business environments to discover affected MongoDB Server assets in bulk:

  • Athena Endpoint Protection Platform (EPP): The corresponding asset discovery solution has been released. The fingerprint ID is 0000366.

Proactive Vulnerability Detection

The following Sangfor services can proactively detect CVE-2025-14847 and quickly identify vulnerable assets in bulk across business environments:

  • Athena Managed Detection and Response (MDR): The corresponding detection solution will be released on December 30, 2025. The rule ID is SF-2025-01471.
  • Athena Extended Detection and Response (XDR): The corresponding detection solution will be released on December 31, 2025. The rule ID is SF-2025-02450.

Timeline

On December 29, 2025, Sangfor FarSight Labs received notification of the memory leak vulnerability in MongoDB Server (CVE-2025-14847).

On December 29, 2025, Sangfor FarSight Labs released a vulnerability alert.

Reference

https://jira.mongodb.org/browse/SERVER-115508

Learn More

Sangfor FarSight Labs researches the latest cyber threats and unknown zero-day vulnerabilities, alerting customers to potential dangers to their organizations, and providing real-time solutions with actionable intelligence. Sangfor FarSight Labs works with other security vendors and the security community at large to identify and verify global cyber threats, providing fast and easy protection for customers.
