Overview CVE ID: CVE-2025-14847 Published: December 19, 2025 Severity (CVSS): 8.7 (High) Affected Software/Versions: MongoDB 8.2.0 through 8.2.2 MongoDB 8.0.0 through 8.0.16 MongoDB 7.0.0 ...

Sherlock Scenario You were contacted early this morning to handle a high‑priority incident involving a suspected compromised server. The host, mongodbsync, is a secondary MongoDB server. According ...

CVE-2025-30208 is an arbitrary file read vulnerability in Vite development servers caused by improper handling of the @fs feature and malformed query parameters. When the dev server is exposed usin...

Vulnerability summary CVE‑2021‑32803 – Arbitrary File Creation/Overwrite in node‑tar (npm tar package) This vulnerability affects the npm package “tar” (also known as node‑tar) in versions before ...