Oracle MySQL Server Denial-of-Service Vulnerability in Optimizer Component

Vulnerability

A denial-of-service vulnerability has been identified in the Oracle MySQL Server product, specifically within the Optimizer component. This issue affects MySQL versions 8.0.0 through 8.0.44, 8.4.0 through 8.4.7, and 9.0.0 through 9.5.0. The vulnerability allows a high-privileged attacker with network access to MySQL Server, via multiple protocols, to cause a hang or a frequently repeatable crash, leading to a complete denial-of-service condition on the server.

Impact

Exploitation of this vulnerability can cause MySQL Server to hang or crash, creating a complete denial-of-service situation.

Added: Jan 20, 2026, 11:05 PM

Updated: Jan 20, 2026, 11:05 PM

Vulnerability Rating

Custom Algorithm

spread

8.7

impact

2.5

exploitability

4.4

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.7

impact

2.5

exploitability

4.4

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle MySQL Server Denial-of-Service Vulnerability in Optimizer Component

Vulnerability

Impact

Affected Products

Oracle MySQL Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating