NEW YORK, December 30, 2025, 15:47 ET — Regular session.
- MongoDB shares edged lower late Tuesday as traders weighed fallout from the CVE-2025-14847 “MongoBleed” security issue.
- The U.S. National Vulnerability Database shows the flaw was added to CISA’s catalog of known exploited vulnerabilities, increasing pressure to patch exposed servers.
- The broader market was largely flat in thin year-end trading, keeping single-stock moves contained.
MongoDB, Inc. shares were down about 0.3% at $422.06 in late-afternoon trade on Tuesday, after swinging between $421.85 and $428.22 as investors digested fresh security disclosures around the database maker’s software.
The issue matters now because it affects core infrastructure. “MongoBleed” is tied to CVE-2025-14847 — a standard vulnerability identifier — and involves an “unauthenticated” attack path, meaning an attacker may not need a username or password to try to pull sensitive data from a vulnerable server.
The U.S. National Vulnerability Database said the flaw was added on Dec. 29 to the Cybersecurity and Infrastructure Security Agency’s catalog of known exploited vulnerabilities, with a Jan. 19 remediation deadline for federal civilian agencies. The NVD entry describes the bug as a zlib-compression header issue that may allow an unauthenticated client to read uninitialized memory, and lists patched releases including MongoDB Server 8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32 and 4.4.30. [1]
In a blog post on Monday, MongoDB Chief Technology Officer Jim Scharf wrote that the vulnerability “is not a breach or compromise of MongoDB, MongoDB Atlas (our managed MongoDB Server offering), or our systems.” The company said Atlas — its fully managed cloud database service — had been patched, and urged users of MongoDB Server to update to fixed versions. [2]
Security firm Tenable said exploit code is publicly available and reports of “in the wild” exploitation have begun, and cited Censys internet-scanning data showing more than 87,000 potentially vulnerable MongoDB instances worldwide. Tenable said exploitation hinges on a vulnerable version being internet-exposed and using zlib compression. [3]
MongoDB develops database software and sells Atlas as a database-as-a-service, while also offering self-managed options for customers who run MongoDB in their own environments. [4]
For self-hosted users, the practical takeaway is operational: upgrade quickly, or disable zlib-based network compression as a stopgap. That kind of emergency patch cycle can draw scrutiny from security teams and procurement groups at large enterprises.
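The patched releases and the zlib stopgap described above can be turned into a fleet triage check. This is an added example, not code from MongoDB, Tenable or the sources cited here; the function names, the status labels, the sample inventory and the handling of release branches not listed above are assumptions.

```python
import re

# Fixed releases listed in the NVD entry quoted above, keyed by (major, minor).
PATCHED = {(8, 2): 3, (8, 0): 17, (7, 0): 28, (6, 0): 27, (5, 0): 32, (4, 4): 30}

# Assumption: when net.compression.compressors is unset, mongod offers
# snappy, zstd and zlib, so an unset value still leaves zlib enabled.
DEFAULT_COMPRESSORS = "snappy,zstd,zlib"


def parse_version(text):
    """Return (major, minor, patch) from a string such as '7.0.14'."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in m.groups())


def zlib_enabled(compressors=None):
    """True if zlib is among the configured network compressors."""
    value = DEFAULT_COMPRESSORS if compressors is None else compressors
    names = {n.strip().lower() for n in value.split(",") if n.strip()}
    return "zlib" in names  # 'disabled' or 'snappy,zstd' gives False


def triage(version, compressors=None, internet_exposed=True):
    """Classify one server as 'patched', 'unknown-branch', 'mitigated',
    'urgent' or 'vulnerable-internal' (hypothetical labels)."""
    major, minor, patch = parse_version(version)
    fixed = PATCHED.get((major, minor))
    if fixed is None:
        return "unknown-branch"  # branch not in the list above; check the advisory
    if patch >= fixed:
        return "patched"
    if not zlib_enabled(compressors):
        return "mitigated"  # stopgap only; the upgrade is still required
    return "urgent" if internet_exposed else "vulnerable-internal"


if __name__ == "__main__":
    # Constructed inventory: (host, version, compressors setting, internet-exposed)
    fleet = [("db-a", "7.0.14", None, True),
             ("db-b", "6.0.20", "snappy,zstd", True),
             ("db-c", "8.0.17", None, True)]
    for host, ver, comp, exposed in fleet:
        print(host, ver, triage(ver, comp, exposed))
```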
MongoDB’s muted move came as U.S. stocks stayed range-bound in holiday-thin trade, with technology shares mixed and investors parsing Federal Reserve meeting minutes after a tech-led dip earlier in the week. [5]
Investors will be watching for signs the vulnerability triggers customer disruption, follow-on disclosures, or heightened support costs for self-managed users — all headline risks for high-growth software names into year-end positioning.
At the same time, the episode underscores a selling point for managed services: when the vendor controls the environment, patches can be rolled out broadly without requiring customer maintenance windows and internal change approvals.
MongoDB was last at $422.06, leaving the stock close to flat on a day when broader market moves were subdued heading into the final trading session of 2025.