THREATOPS
THREAT OPSThreat News › Merry Christmas Day! Have a MongoDB security incident.

Merry Christmas Day! Have a MongoDB security incident.

lowdoublepulsarPublished 2025-12-26

<p>Somebody from Elastic Security decided to post an exploit for CVE-2025–14847 on Christmas Day.</p><p>Here’s said exploit:</p><p><a href="https://github.com/joe-desimone/mongobleed/">GitHub - joe-desimone/mongobleed</a></p><p>The vuln, which dropped just before Christmas, in theory allowed memory read without authentication. Patches are available. It impacts every version of MongoDB going back a

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://doublepulsar.com/merry-christmas-day-have-a-mongodb-security-incident-9537f54289eb?source=rss----8343faddf0ec---4