On December 12, 2025, the MongoDB Security Engineering team discovered a vulnerability known as "Mongobleed," impacting MongoDB Server, but without compromising MongoDB or its managed offering, MongoDB Atlas. Demonstrating its commitment to security, MongoDB quickly validated, developed, tested, and rolled out patches for both Atlas and MongoDB Enterprise Advanced users, completing the patching process by December 18. Customers were proactively informed, and the vulnerability was disclosed through the CVE process on December 19. MongoDB emphasizes that protecting customer data is a top priority, and the company continues to invest in and improve its security measures to maintain trust. The swift response to this vulnerability highlights MongoDB's focus on transparency, rapid action, and ongoing improvement in the fast-evolving software security landscape, as stated by Jim Scharf, MongoDB's Chief Technology Officer.