Oracle MySQL Server Pluggable Authentication Vulnerability Allowing Partial Denial-of-Service

Vulnerability

A vulnerability has been identified in Oracle MySQL Server versions 9.0.0 through 9.5.0, specifically within the Pluggable Authentication component. This easily exploitable vulnerability allows a high-privileged attacker with network access to MySQL Server via multiple protocols to cause a partial denial-of-service. The issue arises in the authentication process, where improper handling can lead to service disruptions.

Impact

Exploitation of this vulnerability can cause a partial denial-of-service on the MySQL Server, disrupting normal operations but not completely shutting down the service.

Added: Jan 20, 2026, 10:52 PM
Updated: Jan 20, 2026, 10:52 PM

Vulnerability Rating

Custom Algorithm
spread: 8.7
impact: 0.6
exploitability: 4.4
remediation: 0.0
relevance: 2.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to score these 8 key vulnerability categories, which are then combined to calculate the overall risk score.