MongoDB, one of the world’s most widely used NoSQL databases, stores and manages structured, semi-structured, and unstructured data using JSON-like documents organized within collections. This ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Attackers are actively exploiting a critical vulnerability in MongoDB to steal sensitive information directly from an affected server's memory. The attacks appear to have started on Dec. 29, barely ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive ordering federal agencies to patch a high-severity MongoDB vulnerability that is being actively ...

Cybersecurity authorities in the U.S. and Australia are warning that a critical vulnerability in MongoDB and MongoDB Server is being actively exploited in the wild and represents a threat for ...

Dubbed MongoBleed, the high-severity flaw allows unauthenticated, remote attackers to leak sensitive information from MongoDB servers. Threat actors started exploiting a high-severity MongoDB ...

A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world. The vulnerability ...

Last week’s cyber news in 2025 was not about one big incident. It was about many small cracks opening at the same time. Tools people trust every day behave in unexpected ways. Old flaws resurfaced.

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited in the wild, with over 80,000 potentially vulnerable servers exposed on the ...

Document database vendor MongoDB has advised customers to update immediately following the discovery of a flaw that could allow unauthenticated users to read uninitialized heap memory. Designated ...

Update 12/26/25: Article updated to correct that the flaw has not been officially classified as an RCE. MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that ...