Oracle MySQL Server Thread Pooling Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the MySQL Server product of Oracle MySQL, specifically in the Server: Thread Pooling component. This vulnerability affects MySQL versions 8.0.0 through 8.0.44, 8.4.0 through 8.4.7, and 9.0.0 through 9.5.0. The issue is easily exploitable, allowing a high-privileged attacker with network access via multiple protocols to disrupt MySQL Server operations. Successful exploitation can lead to a complete denial-of-service condition, causing the server to hang or crash frequently and repetitively.

Impact

Exploitation of this vulnerability can cause MySQL Server to hang or crash, leading to a complete denial-of-service condition.

Added: Jan 20, 2026, 10:52 PM

Updated: Jan 20, 2026, 10:52 PM

Vulnerability Rating

Custom Algorithm

spread

8.7

impact

2.5

exploitability

4.4

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.7

impact

2.5

exploitability

4.4

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle MySQL Server Thread Pooling Denial-of-Service Vulnerability

Vulnerability

Impact

Affected Products

Oracle MySQL Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating