CVE-2025-10491 | MongoDB Server up to 6.0.24/7.0.20/8.0.4 on Windows MSI Installation access control

A vulnerability categorized as critical has been discovered in MongoDB Server up to 6.0.24/7.0.20/8.0.4 on Windows. The impacted element is an unknown function of the component MSI Installation Handler. Such manipulation leads to improper access controls.

This vulnerability is uniquely identified as CVE-2025-10491. Local access is required to approach this attack. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More