CVE-2026-21949

Medium CVSS: 6.5

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vendor

Oracle

Product

Mysql Server

CWE

CWE-400

Yayın Tarihi

2026-01-20 22:15:57

Güncelleme

2026-01-29 15:22:31

Source Identifier

secalert_us@oracle.com

KEV Date Added

Kategoriler

CWE-400 Mysql Server MEDIUM Oracle 2026

Referanslar

https://www.oracle.com/security-alerts/cpujan2026.html

Benzer Kayıtlar

Critical

CVE-2026-21992

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: REST WebServices) and Oracl…

Critical

CVE-2026-21994

Vulnerability in the Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit product of Oracle Open Source P…

Medium

CVE-2026-21991

A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names.

Medium

CVE-2026-21985

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…

High

CVE-2026-21986

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…

High

CVE-2026-21987

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a…