Oracle MySQL Server Denial-of-Service Vulnerability in Optimizer Component

Vulnerability

A denial-of-service vulnerability has been identified in the MySQL Server product of Oracle MySQL, specifically in the Optimizer component. This issue affects MySQL Server versions 8.0.40 and prior, 8.4.3 and prior, and 9.1.0 and prior. The vulnerability is easily exploitable by a low-privileged attacker with network access through multiple protocols, allowing them to cause a hang or a frequently repeatable crash of the MySQL Server.

Impact

Exploitation of this vulnerability leads to a complete denial-of-service condition, causing MySQL Server to hang or crash frequently and repeatably.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.7

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.7

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle MySQL Server Denial-of-Service Vulnerability in Optimizer Component

Vulnerability

Impact

Affected Products

Oracle MySQL Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating