Oracle MySQL InnoDB Component Denial-of-Service and Data Manipulation Vulnerability

Vulnerability

A vulnerability exists in the MySQL Server product of Oracle MySQL, specifically in the InnoDB component. Affected versions include 8.0.40 and prior, 8.4.3 and prior, and 9.1.0 and prior. This vulnerability is easily exploitable and allows a high-privileged attacker with network access via multiple protocols to compromise the MySQL Server. Successful exploitation can lead to an unauthorized ability to cause a hang or a frequently repeatable crash, resulting in a complete denial-of-service for the MySQL Server. Additionally, it allows unauthorized update, insert, or delete access to some data accessible by the MySQL Server.

Impact

Exploitation of this vulnerability can cause a complete denial-of-service by hanging or frequently crashing the MySQL Server. It also allows unauthorized modifications to data, including updates, inserts, or deletions, depending on the data accessible to the MySQL Server.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

7.5

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

7.5

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle MySQL InnoDB Component Denial-of-Service and Data Manipulation Vulnerability

Vulnerability

Impact

Affected Products

Oracle MySQL

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating