CVE-2025-10491 — The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories allowing a local attacker to introduce executable code to MongoDB's process via DLL hijacking. This iss — CVE Database · The Intelligence Room