Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps - Status | Demo | Docs | Install
  1. Cloudron Forum
  2. Discuss
  3. Should I worry about MongoDB Vulnerability CVE-2025-14847

Should I worry about MongoDB Vulnerability CVE-2025-14847

Scheduled Pinned Locked Moved Discuss
4 Posts 3 Posters 162 Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • swheeler78S Offline
    swheeler78S Offline
    swheeler78
    wrote on last edited by swheeler78
    #1

    There's been a lot of headlines about this in the tech world. Surprised it hasn't shown up here.

    https://thehackernews.com/2025/12/mongodb-vulnerability-cve-2025-14847.html

    https://www.bleepingcomputer.com/news/security/exploited-mongobleed-flaw-leaks-mongodb-secrets-87k-servers-exposed/

    1 Reply Last reply
    1
    • nebulonN Away
      nebulonN Away
      nebulon
      Staff
      wrote on last edited by
      #2

      If I understand this correctly, this would require access to the database (although unauthorized) in the first place. In Cloudron mongodb (like the other services/addons) are not exposed to the public internet. Only apps have access to and those already get a set of credentials anyways. So unless an app is attempting to exploit this, which would mean the app itself is already compromised, I don't see how this affects Cloudron deployments.

      If anyone has more insights or understanding here, this would be good to know.

      1 Reply Last reply
      1
      • swheeler78S Offline
        swheeler78S Offline
        swheeler78
        wrote on last edited by
        #3

        Ok, That's what I thought. But I figured I'd ask.

        1 Reply Last reply
        1
        • girishG Offline
          girishG Offline
          girish
          Staff
          wrote on last edited by
          #4

          We already fixed this - https://git.cloudron.io/platform/box/-/commit/a02e933375e5ef6b833029acee1bae969e1203fe . We are working on a final update to 9.0 with various UI fixes and this change will be part of that (i.e 9.0.16).

          1 Reply Last reply
          3

          Hello! It looks like you're interested in this conversation, but you don't have an account yet.

          Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

          With your input, this post could be even better 💗

          Register Login
          Reply
          • Reply as topic
          Log in to reply
          • Oldest to Newest
          • Newest to Oldest
          • Most Votes

          • Login
          • Don't have an account? Register
          • Login or register to search.
          • First post
            Last post
          0
          • Categories
          • Recent
          • Tags
          • Popular
          • Bookmarks
          • Search