mysql security

Oracle’s MySQL Server contains a stability flaw in its query optimizer that can be triggered remotely by a low‑privileged, network‑accessible account to hang or repeatedly crash the server process, producing a reliable denial‑of‑service condition for affected MySQL instances. Background /...

Oracle’s January 2024 Critical Patch Update included a formally tracked flaw—CVE-2024-20965—that targets the MySQL Server Optimizer and can be exploited to cause a sustained or repeatedly reproducible denial-of-service (DoS) condition. Affected upstream releases include MySQL 8.0.35 and earlier...

Oracle’s January 2024 security advisory revealed a stability flaw in the MySQL Server optimizer that can be triggered remotely by a low‑privilege, network‑accessible account to hang or repeatedly crash the server process, producing a reliable denial‑of‑service (DoS) condition for affected MySQL...

Oracle’s MySQL Server was assigned CVE‑2024‑20963 — a denial‑of‑service weakness in the Server: Security: Encryption component that affects MySQL Server releases up to and including 8.0.35 and the corresponding 8.2.0 line — and operators should treat it as an availability emergency until...

Oracle’s MySQL Server contains a denial-of-service weakness in the Server: Optimizer component (tracked as CVE-2024-21171) that can be triggered remotely by a low‑privilege, network‑connected MySQL account to cause the server to hang or repeatedly crash, producing a complete loss of availability...

A denial‑of‑service flaw in Oracle’s MySQL Server (tracked as CVE‑2025‑50101) lets an attacker who already holds high‑privilege MySQL credentials trigger optimizer and stored‑procedure code paths that cause mysqld to hang or crash repeatedly, producing a sustained or persistent loss of...

Oracle’s July 2025 MySQL server advisory (CVE‑2025‑50104) identified a low‑severity denial‑of‑service weakness in the MySQL Server Server: DDL component that affects upstream MySQL releases up to and including 8.0.42 (and corresponding 8.4.x and 9.x series), and vendors and distributors...

Oracle’s July 2025 Critical Patch Update disclosed a denial‑of‑service weakness in MySQL Server — tracked as CVE‑2025‑50094 — that can be triggered over the network by a high‑privilege database account to repeatedly crash or hang mysqld, producing sustained or persistent loss of availability...

The MySQL Server vulnerability tracked as CVE-2025-50082 is a post‑compromise denial‑of‑service flaw in MySQL’s server components (optimizer / InnoDB and related stored‑procedure paths) that allows an attacker who already possesses elevated database privileges to repeatedly crash or hang the...

Oracle’s MySQL Server has a denial‑of‑service vulnerability in the Server: Optimizer component (tracked as CVE‑2025‑50091) that affects a wide swath of modern releases and can be triggered remotely by high‑privileged MySQL accounts to repeatedly crash or hang the server, producing a total loss...