CVE-2025-11535
MongoDB Connector for BI installation MSI leave ACLs unset on custom installation directories
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24.
| CWE | CWE-276 |
| Vendor | mongodb inc |
| Product | mongodb connector for bi |
| Published | Oct 8, 2025 |
| Last Updated | Feb 26, 2026 |
Stay Ahead of the Next One
Get instant alerts for mongodb inc mongodb connector for bi
Be the first to know when new unknown vulnerabilities affecting mongodb inc mongodb connector for bi are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
MongoDB Inc / MongoDB Connector for BI
2.0.0 ≤ 2.14.24