CVEFinder.io

CVE-2025-53023

🔶 medium
Summary

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.42. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector

Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.42. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVSS Score
4.9
Medium
EPSS Score
0.1
Exploit Probability
Published Date
2025-07-15
First Seen: 2026-01-05
Last Modified 2025-07-31
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CWE IDs (Weakness Types)
CWE-400

🔗 References 1

https://www.oracle.com/security-alerts/cpujul2025.html
Patch Vendor Advisory

📦 Affected Products 3

Vendor Product Status Affected Versions
oracle mysql_cluster Affected
≥ 7.6.0 ≤ 7.6.34
oracle mysql_cluster Affected
≥ 8.0.0 ≤ 8.0.42
oracle mysql_server Affected
≥ 8.0.0 ≤ 8.0.42

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-21936 🔶 medium 4.9 0.0 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are... 2026-01-20
CVE-2026-21929 🔶 medium 5.3 0.0 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affe... 2026-01-20
CVE-2026-21937 🔶 medium 4.9 0.0 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affecte... 2026-01-20
CVE-2026-21941 🔶 medium 4.9 0.0 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are a... 2026-01-20
CVE-2026-21948 🔶 medium 4.9 0.0 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are a... 2026-01-20
CVE-2026-21949 🔶 medium 6.5 0.0 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are a... 2026-01-20
These CVEs affect the same products