CISA orders feds to patch MongoBleed flaw exploited in attacks
CISA ordered U.S. federal agencies to patch an actively exploited MongoDB vulnerability (MongoBleed) that can be exploited to steal credentials, API keys, and other sensitive data. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to secure their systems against a high-severity MongoDB flaw that is actively being exploited in attacks.
Dubbed MongoBleed and tracked as CVE-2025-14847, this vulnerability was patched on December 19, 2025, and it stems from how MongoDB Server processes network packets using the zlib library for data compression.
Related breach coverage
- CISA orders feds to patch actively exploited Geoserver flaw2025-12-12
CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. [...]
- CISA orders feds to patch VMware Tools flaw exploited by Chinese hackers2025-10-30
CISA has ordered federal agencies to patch a high-severity vulnerability in Broadcom's VMware Aria Operations and VMware Tools software, exploited by Chinese hackers since October 2024. [...]
- CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks2026-01-12
CISA has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in zero-day attacks. [...]
- CISA warns of WatchGuard firewall flaw exploited in attacks2025-11-13
CISA has ordered federal agencies to patch an actively exploited vulnerability in WatchGuard Firebox firewalls, which allows attackers to gain remote code execution on compromised devices. [...]