A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Sunday, December 28th, 2025: MongoDB Unauthenticated Memory Leak CVE-2025-14847
December 27, 2025
5:50
0.96 MB ( 3.94 MB less)
Downloads: 0
MongoDB Unauthenticated Attacker Sensitive Memory Leak CVE-2025-14847
Over the Christmas holiday, MongoDB patched a sensitive memory leak vulnerability that is now actively being exploited
https://www.mongodb.com/community/forums/t/important-mongodb-patch-available/332977
https://github.com/mongodb/mongo/commit/505b660a14698bd2b5233bd94da3917b585c5728
https://www.ox.security/blog/attackers-could-exploit-zlib-to-exfiltrate-data-cve-2025-14847/
https://github.com/joe-desimone/mongobleed/