Fact-check: The article is sourced directly from CISA, a verified government agency, and the details about CVE-2025-14847 align with their official alerts and known practices in critical infrastructure security. Cross-referencing with current events and X shows no contradictions, confirming the claims as accurate and well-supported. This fits within the 'Critical Infrastructure' context as a legitimate announcement.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added CVE-2025-14847, a MongoDB improper handling of length parameter inconsistency vulnerability, to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation. Federal Civilian Executive Branch agencies are required to remediate the vulnerability by the specified due date under Binding Operational Directive 22-01. CISA urges all organizations to prioritize timely remediation as part of their vulnerability management practices.