CVE-2025-50087

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and  9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
oracleCNA
4.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
mysql-8.0
sid
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mariadb
plucky
needs-triage
noble
needs-triage
jammy
dne
mariadb-10.0
plucky
dne
noble
dne
jammy
dne
xenial
needs-triage
mariadb-10.1
plucky
dne
noble
dne
jammy
dne
bionic
needs-triage
mariadb-10.3
plucky
dne
noble
dne
jammy
dne
focal
ignored
mariadb-10.6
plucky
dne
noble
dne
jammy
needs-triage
mysql-5.5
plucky
dne
noble
dne
jammy
dne
trusty
ignored
mysql-5.7
plucky
dne
noble
dne
jammy
dne
bionic
ignored
xenial
ignored
mysql-8.0
plucky
dne
noble
needs-triage
jammy
needs-triage
focal
needs-triage
mysql-8.4
plucky
needs-triage
noble
dne
jammy
dne
percona-server-5.6
plucky
dne
noble
dne
jammy
dne
xenial
needs-triage
percona-xtradb-cluster-5.6
plucky
dne
noble
dne
jammy
dne
xenial
needs-triage
Vulnerability Media Exposure
References
https://www.oracle.com/security-alerts/cpujul2025.html