3 min read
Saved February 14, 2026
Do you care about this?
This article details a critical vulnerability (CVE-2025-14847) in the zlib library that allows unauthenticated attackers to remotely access sensitive data from MongoDB server memory. By sending malformed packets, attackers can extract private information, including user data and API keys.
If you do, here's more
A significant vulnerability in the zlib compression library poses a threat to MongoDB servers, allowing unauthenticated attackers to leak sensitive information. Identified as CVE-2025-14847, the flaw enables attackers to send malformed packets over the network to extract data fragments, including user information and API keys, without needing any login credentials. While gathering a full database might require numerous requests, the potential for data theft increases the longer an attacker has access.
The vulnerability stems from an issue in MongoDB’s network transport layer, specifically within the message decompression code. The previous implementation incorrectly reported the size of decompressed data, leading to improper memory allocation. A recent patch corrects this by ensuring that only the actual length of the decompressed data is returned. The fix has been implemented in MongoDB’s codebase, addressing the underlying memory corruption issue.
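As an added illustration, not code from the article or from MongoDB's codebase, the following Python models the length-reporting defect described above: a reusable output buffer, a decompressor that hands back the buffer's full capacity instead of the actual decompressed length, and the corrected version beside it. The buffer size, the stale "secret" left in the buffer and the sample message are all constructed for the example.

```python
import zlib

# Constructed: a fixed-size output buffer that the transport layer reuses
# across messages, standing in for heap memory that still holds old data.
BUFFER_CAPACITY = 64


def _fill_buffer(plain: bytes, out_buf: bytearray) -> int:
    """Copy decompressed bytes into out_buf and return how many were written."""
    if len(plain) > len(out_buf):
        raise ValueError("decompressed message exceeds buffer capacity")
    out_buf[:len(plain)] = plain
    return len(plain)


def decompress_buggy(payload: bytes, out_buf: bytearray) -> bytes:
    """Model of the defect: the actual length n is known, but the whole
    buffer is returned, so whatever was left in memory after byte n
    (data from earlier messages) travels back with the reply."""
    n = _fill_buffer(zlib.decompress(payload), out_buf)
    del n  # the length is computed and then ignored
    return bytes(out_buf)


def decompress_fixed(payload: bytes, out_buf: bytearray) -> bytes:
    """Corrected version: only the actual decompressed length is returned."""
    n = _fill_buffer(zlib.decompress(payload), out_buf)
    return bytes(out_buf[:n])


def simulate(stale_secret: bytes, message: bytes) -> tuple[bytes, bytes]:
    """Run both decompressors over a buffer that still holds stale_secret.

    Returns (buggy_result, fixed_result) so the difference can be inspected.
    """
    buf = bytearray(BUFFER_CAPACITY)
    buf[:len(stale_secret)] = stale_secret   # constructed leftover memory
    payload = zlib.compress(message)         # a short, valid compressed message
    return decompress_buggy(payload, buf), decompress_fixed(payload, buf)


if __name__ == "__main__":
    leaky, safe = simulate(b"user=admin;API_KEY=constructed-example-key", b"ping")
    print("buggy returns", len(leaky), "bytes:", leaky)
    print("fixed returns", len(safe), "bytes:", safe)
```

Running the block shows the buggy path returning the 4-byte message followed by the tail of the stale secret, while the fixed path returns only `b"ping"`.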
For organizations using MongoDB, it’s crucial to update to the latest version that includes this patch or disable zlib decompression altogether. Failure to act could leave systems vulnerable to data exfiltration, highlighting the importance of staying current with security updates in software dependencies.