NOMISEC-sahar042/CVE-2025-14847

NOMISEC WORKING POC

Exploit for CVE-2025-14847 - MongoDB Memory Disclosure (CVE-2025-14847) - Mongobleed

AI Analysis

This PoC exploits CVE-2025-14847 (MongoBleed) by sending malformed OP_COMPRESSED messages to MongoDB, triggering an information leak via error responses. It probes for leaked field names and BSON types, potentially exposing sensitive data.

Attack Type

info_leak

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1005 - Data from Local System T1082 - System Information Discovery

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type infoleak

Files 3

https://github.com/sahar042/CVE-2025-14847

Stars 0

Forks 0

Last Push Jan 11, 2026

Authors

sahar042

Vulnerability

CVE-2025-14847

MongoDB Memory Disclosure (CVE-2025-14847) - Mongobleed

HIGH KEV

CVSS 7.5