MongoBleed explained simply
MongoBleed, officially CVE-2025-14847, is a recently uncovered, extremely sensitive vulnerability affecting basically all versions of MongoDB since ~2017. It is a bug in the zlib message compression path in MongoDB. It allows an attacker to read uninitialized heap memory, meaning anything that a previous database operation left in memory could be read. The bug was introduced in 2017. It is dead-easy to exploit: it only requires connectivity to the database (no auth needed). ...
Read more at bigdata.2minutestreaming.com