A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory.The vulnerability, tracked as CVE-2025-14847 (CVSS score: 8.7), has been described as a case of improper handling of length parameter inconsistency, which arises when a program fails to appropriately tackle scenarios where a length field is inconsistent with the
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/12/new-mongodb-flaw-lets-unauthenticated.html
