CVE-2025-14847— Zlib compressed protocol header length confusion may allow memory read
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-14847
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Zlib compressed protocol header length confusion may allow memory read
Source: NVD (National Vulnerability Database)
Vulnerability Description
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
长度参数不一致性处理不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
MongoDB Server 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MongoDB Server是美国MongoDB公司的一套开源的NoSQL数据库。该数据库提供面向集合的存储、动态查询、数据复制及自动故障转移等功能。 MongoDB Server存在安全漏洞,该漏洞源于Zlib压缩协议头长度不匹配,可能导致读取未初始化内存。以下版本受到影响:v7.0 7.0.28之前版本、v8.0 8.0.17之前版本、v8.2 8.2.3之前版本、v6.0 6.0.27之前版本、v5.0 5.0.32之前版本、v4.4 4.4.30之前版本、v4.2 4.2.0及之后版本、v4.0
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| MongoDB Inc. | MongoDB Server | 8.2 ~ 8.2.3 | - |
II. Public POCs for CVE-2025-14847
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | MongoDB 内存泄露漏洞 (CVE-2025-14847) 检测工具 | https://github.com/onewinner/CVE-2025-14847 | POC Details |
| 2 | poc for CVE-2025-14847 | https://github.com/ProbiusOfficial/CVE-2025-14847 | POC Details |
| 3 | a critical memory disclosure vulnerability in MongoDB's zlib compression handling. This tool allows security researchers to extract sensitive data from vulnerable MongoDB instances. | https://github.com/cybertechajju/CVE-2025-14847_Expolit | POC Details |
| 4 | None | https://github.com/KingHacker353/CVE-2025-14847_Expolit | POC Details |
| 5 | CVE-2025-14847 | https://github.com/Ashwesker/Blackash-CVE-2025-14847 | POC Details |
| 6 | MongoDB CVE-2025-14847 Heap Memory Leak Scanner | OP_COMPRESSED zlib Vulnerability | Bug Bounty & Red Team Tool | https://github.com/Black1hp/mongobleed-scanner | POC Details |
| 7 | golang test tool for mongobleed (cve-2025-14847) | https://github.com/nma-io/mongobleed | POC Details |
| 8 | None | https://github.com/saereya/CVE-2025-14847---MongoBleed | POC Details |
| 9 | The script focuses on safe artifact acquisition first, followed by optional on-host analysis, and produces a portable, hashed forensic archive suitable for offline investigation on a forensic workstation. | https://github.com/JemHadar/MongoBleed-DFIR-Triage-Script-CVE-2025-14847 | POC Details |
| 10 | Explot, Lab, Scanner - external and docker container, for SMongobleed-CVE-2025-14847 plus phoenix security uploader | https://github.com/franksec42/mongobleed-exploit-CVE-2025-14847 | POC Details |
| 11 | Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0. | https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/cves/2025/CVE-2025-14847.yaml | POC Details |
| 12 | CVE-2025-14847 | https://github.com/Ashwesker/Ashwesker-CVE-2025-14847 | POC Details |
| 13 | CVE-2025-14847 – MongoDB Unauthenticated Memory‑Leak Exploit | https://github.com/lincemorado97/CVE-2025-14847 | POC Details |
| 14 | Exploit lab, docker and code scanner for mongobleed Vulnerability CVE-2025-14847 plus Phoenix Security Sync tools | https://github.com/Security-Phoenix-demo/mongobleed-exploit-CVE-2025-14847 | POC Details |
| 15 | Academic proof-of-concept demonstrating CVE-2025-14847 for authorized security research. | https://github.com/chinaxploiter/CVE-2025-14847-PoC | POC Details |
| 16 | Detect exposed MongoDB instances and CVE-2025-14847 "MongoBleed" risks — Zero-Trust Python scanner | https://github.com/14mb1v45h/CYBERDUDEBIVASH-MONGODB-DETECTOR-v2026 | POC Details |
| 17 | MongoBleed: CVE-2025-14847 Memory Leak Discovery Tool | https://github.com/kuyrathdaro/cve-2025-14847 | POC Details |
| 18 | CVE-2025-14847 (MongoBleed) | https://github.com/joshuavanderpoll/CVE-2025-14847 | POC Details |
| 19 | Context-Aware Memory Leak Scanner & Exploit for CVE-2025-14847. | https://github.com/tunahantekeoglu/MongoDeepDive | POC Details |
| 20 | Remake of CVE-2025-14847 MongoDB vulnerability demonstration | https://github.com/vfa-tuannt/CVE-2025-14847 | POC Details |
| 21 | Burp Suite extension to detect CVE-2025-14847 (MongoBleed) via manual leak tests from a dedicated UI tab. | https://github.com/j0lt-github/mongobleedburp | POC Details |
| 22 | CVE-2025-14847 MongoBleed - MongoDB Memory Leak Vulnerability PoC | https://github.com/FurkanKAYAPINAR/CVE-2025-14847-MongoBleed-Exploit | POC Details |
| 23 | This repo contains my python script version of CVE-2025-14847 (MongoBleed) | https://github.com/NoNameError/MongoBLEED---CVE-2025-14847-POC- | POC Details |
| 24 | None | https://github.com/Rishi-kaul/CVE-2025-14847-MongoBleed | POC Details |
| 25 | MongoBleed CVE-2025-14847 Vulnerability Checker | https://github.com/Systemhaus-Schulz/MongoBleed-CVE-2025-14847 | POC Details |
| 26 | CVE-2025-14847 exploit for MongoDB heap memory disclosure | https://github.com/demetriusford/mongobleed | POC Details |
| 27 | MongoBleed (CVE-2025-14847) Lab & PoC : A complete educational environment to reproduce the critical unauthenticated memory leak in MongoDB. Includes a vulnerable Docker container with multi-database seeding (PII, API keys) and a Python exploit to demonstrate data extraction. Ideal for security research and awareness. 1-day analysis. | https://github.com/ElJoamy/MongoBleed-exploit | POC Details |
| 28 | Mongobleed Detector CVE-2025-14847 | https://github.com/keraattin/Mongobleed-Detector-CVE-2025-14847 | POC Details |
| 29 | CVE-2025-14847 MongoDB Memory Leak Exploit | https://github.com/waheeb71/CVE-2025-14847 | POC Details |
| 30 | Full automation check for CVE-2025-14847 MonogBleed- Finds origin IP and tests for exploit. | https://github.com/CadGoose/MongoBleed-CVE-2025-14847-Fully-Automated-scanner | POC Details |
| 31 | CVE-2025-14847 explaination and lab | https://github.com/AdolfBharath/mongobleed | POC Details |
| 32 | None | https://github.com/sahar042/CVE-2025-14847 | POC Details |
| 33 | CVE-2025-14847 | MongoBleed vulnerability proof of concept project | https://github.com/peakcyber-security/CVE-2025-14847 | POC Details |
| 34 | None | https://github.com/alexcyberx/CVE-2025-14847_Expolit | POC Details |
| 35 | 🛠 Exploit the CVE-2025-14847 vulnerability in MongoDB to disclose sensitive heap memory using a Python script that analyzes responses for new leaked data. | https://github.com/sakthivel10q/CVE-2025-14847 | POC Details |
| 36 | 🔍 Scan for MongoDB vulnerabilities with MongoBleed, a high-performance tool for detecting CVE-2025-14847 across large networks quickly and efficiently. | https://github.com/pedrocruz2202/mongobleed-scanner | POC Details |
| 37 | 🛡️ Detect vulnerable MongoDB instances with the high-performance MongoBleed scanner for CVE-2025-14847, ensuring network security and data protection. | https://github.com/pedrocruz2202/pedrocruz2202.github.io | POC Details |
| 38 | 🛠 Exploit the CVE-2025-14847 MongoDB vulnerability to reveal sensitive information through crafted zlib-compressed packets and real-time output. | https://github.com/sakthivel10q/sakthivel10q.github.io | POC Details |
| 39 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E6%95%B0%E6%8D%AE%E5%BA%93%E6%BC%8F%E6%B4%9E/MongoDB%20Zlib%20%E5%8E%8B%E7%BC%A9%E5%8D%8F%E8%AE%AE%E5%A0%86%E5%86%85%E5%AD%98%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E%20CVE-2025-14847.md | POC Details |
| 40 | CVE-2025-14847 PoC exploit for MongoDB heap memory disclosure | https://github.com/im-hanzou/mongobleed | POC Details |
| 41 | This script is used to identify MongoDB services that are network-exposed and allow unauthenticated protocol handshakes. | https://github.com/amnnrth/CVE-2025-14847 | POC Details |
| 42 | None | https://github.com/InfoSecAntara/CVE-2025-14847-MongoDB | POC Details |
| 43 | CVE-2025-14847 (MongoBleed) scanner and exploit tool. Unauthenticated MongoDB heap memory leak via zlib decompression. Detection, memory extraction, credential parsing, CIDR/batch scanning, Nuclei templates, and CTF lab included | https://github.com/sho-luv/MongoBleed | POC Details |
| 44 | CVE-2025-14847 | https://github.com/zaryouhashraf/CVE-2025-14847 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-14847
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: MongoDB Server
- CVE-2026-8063
Post-auth null pointer dereference when aggregating against - CVE-2026-6915
Flaw in the updateUser Command May Allow Unauthorized Config - CVE-2026-6914
MD5 checksum creation may cause availability loss - CVE-2026-5170
Users could trigger a crash of mongod primaries during promo - CVE-2026-4358
Memory safety issues in slot-based execution hash table spil
Same vendor: MongoDB Inc.
- CVE-2026-8063
Post-auth null pointer dereference when aggregating against - CVE-2026-6691
MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow - CVE-2026-6231
bson_validate may skip validation when processing certain in - CVE-2025-14345
Cross-Shard Failovers May Lead to Partial Transaction Commit - CVE-2025-13644
MongoDB may be susceptible to Invariant Failure due to batch
Same weakness: CWE-130
- CVE-2026-5766
Potential denial-of-service vulnerability in ASGI requests v - CVE-2026-33846
Gnutls: gnutls: denial of service via heap buffer overflow i - CVE-2026-3868
Moxa EDR-8010 Series和Moxa EDR-G9010 Series 安全漏洞 - CVE-2026-5265
Ovn: ovn: heap over-read in icmp error response generation - - CVE-2026-5367
Ovn: ovn: information disclosure via crafted dhcpv6 packets
V. Comments for CVE-2025-14847
No comments yet