Mongol: MongoDB Heartbleed‑Style Memory Leak
- A new CVE dubbed “Mongol” was publicly disclosed on Christmas, letting unauthenticated attackers leak sensitive server memory from MongoDB instances.
- The flaw mirrors the 2014 Heartbleed bug in OpenSSL, exploiting an out‑of‑bounds read caused by mismatched compression handling.