Percona Operator for MongoDB 1.21.2 (2026-01-12)¶

Release Highlights¶

Security update: Mitigation of heap memory disclosure vulnerability¶

This release includes the fix for security vulnerability CVE-2025-14847: CWE-130 , which is about how MongoDB uses zlib compression library. Attackers with network access to mongod or mongos can extract fragments of uninitialized server memory without authentication if zlib compression is enabled. This memory may contain sensitive data, which poses a serious information disclosure risk.

The issue is resolved upstream and is included in Percona Server for MongoDB 6.0.27-21, 7.0.28-15 and 8.0.17-6. Percona Operator for MongoDB includes these updated Percona Server for MongoDB images.

We strongly recommend upgrading to this latest version of the Operator to ensure your deployments remain secure.

Learn more about the vulnerability in the upstream bug report and in Percona Blog: Urgent Security Update: Patching “Mongobleed” (CVE-2025-14847) in Percona Server for MongoDB .

Supported software¶

The Operator was developed and tested with the following software:

Percona Server for MongoDB 6.0.27-21, 7.0.28-15, and 8.0.17-6
Percona Backup for MongoDB 2.11.0
PMM Client: 2.44.1-1
PMM3 Client: 3.5.0
cert-manager: 1.18.2
LogCollector based on fluent-bit 4.0.1

Other options may also work but have not been tested.

Supported platforms¶

Percona Operators are designed for compatibility with all CNCF-certified Kubernetes distributions. Our release process includes targeted testing and validation on major cloud provider platforms and OpenShift, as detailed below:

Google Kubernetes Engine (GKE) 1.31 - 1.33
Amazon Elastic Kubernetes Service (EKS) 1.31 - 1.34
Azure Kubernetes Service (AKS) 1.31 - 1.33
OpenShift Container Platform 4.16 - 4.19
Minikube 1.37.0 based on Kubernetes v1.34.0

This list only includes the platforms that the Percona Operators are specifically tested on as part of the release process. Other Kubernetes flavors and versions depend on the backward compatibility offered by Kubernetes itself.

Percona certified images¶

Find Percona’s certified Docker images that you can use with the Percona Operator for MongoDB in the following table:

Image	Digest
percona/percona-server-mongodb:8.0.17-6	ae6380469f6b73d3517ec4eae7b2f12ff6310dc2deae8e52fe514276c45e9440
percona/percona-server-mongodb:8.0.17-6 (ARM64)	f1170f8bf68d051816cd4d956ca1f6ee9885c6cf0e1e5db5dc00a137af3603ee
percona/percona-server-mongodb:7.0.28-15	d131a4375c3e669f97da6cdf5eef847099c731fd956341345f37e6e6fb68d699
percona/percona-server-mongodb:7.0.28-15 (ARM64)	6bc8ee24a7e60ec8ef32002165584320b9cc0eb6067a5f304cee6f1ea708f9b3
percona/percona-server-mongodb:6.0.27-21	2bd82853fd207ecadc8e5cd3ee598db7b9943f6976d9ae2140f5bdc997b0e8bb
percona/percona-server-mongodb:6.0.27-21 (ARM64)	a23e4fa1b956299fb7403eef70082b13b3ecf75e51bba12f674f552508a42d61
percona/percona-backup-mongodb:2.11.0	d09f5de92cfbc5a7a42a8cc86742a07481c98b3b42cffdc6359b3ec1f63de3a5
percona/percona-backup-mongodb:2.11.0 (ARM64)	a60d095439537b982209582d428b3b39a01e31e88b2b62d2dcbd99ea4e2d9928
percona/pmm-client:2.44.1-1	52a8fb5e8f912eef1ff8a117ea323c401e278908ce29928dafc23fac1db4f1e3
percona/pmm-client:2.44.1-1 (ARM64)	390bfd12f981e8b3890550c4927a3ece071377065e001894458047602c744e3b
percona/pmm-client:3.5.0	352aee74f25b3c1c4cd9dff1f378a0c3940b315e551d170c09953bf168531e4a
percona/pmm-client:3.5.0 (ARM64)	cbbb074d51d90a5f2d6f1d98a05024f6de2ffdcb5acab632324cea4349a820bd
percona/fluentbit:4.0.1	a4ab7dd10379ccf74607f6b05225c4996eeff53b628bda94e615781a1f58b779
percona/percona-server-mongodb-operator:1.21.2	76d59626914f4d18eb0c19d8e31d2480f7a358daa3ded777cafb7e3717c7508d
percona/percona-server-mongodb-operator:1.21.2 (ARM64)	b6adecc41de81f69a4faf552aeca31c06411f012378be248ead70a538c8ea365

Find previous version images in the documentation archive

Last update: January 12, 2026
Created: January 12, 2026