Friday, 10 July 2026

MongoDB releases security updates

A critical security vulnerability (CVE-2025-14847) has been discovered in the MongoDB. A malicious user could exploit this vulnerability to trigger sensitive information disclosure on the targeted system. This vulnerability affects the following versions of the MongoDB:

  • MongoDB 8.2.0 through 8.2.3;
  • MongoDB 8.0.0 through 8.0.16;
  • MongoDB 7.0.0 through 7.0.26;
  • MongoDB 6.0.0 through 6.0.26;
  • MongoDB 5.0.0 through 5.0.31;
  • MongoDB 4.4.0 through 4.4.29;
  • All MongoDB Server v4.2 versions;
  • All MongoDB Server v4.0 versions;
  • All MongoDB Server v3.6 versions.

Security vulnerability was fixed in MongoDB 8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32, 4.4.30.

More information on vulnerability and updates is available on MongoDB security advisory – mongodb.org.

26 December 2025

-
29