Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
Metrics
Affected Vendors & Products
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
Link | Providers |
---|---|
https://www.oracle.com/security-alerts/cpuoct2025.html |
![]() ![]() |
History
Wed, 22 Oct 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-400 | |
Metrics |
ssvc
|
Tue, 21 Oct 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: oracle
Published:
Updated: 2025-10-22T19:36:39.612Z
Reserved: 2025-06-24T16:45:19.422Z
Link: CVE-2025-53053

Updated: 2025-10-22T19:36:34.389Z

Status : Awaiting Analysis
Published: 2025-10-21T20:20:43.453
Modified: 2025-10-22T21:13:03.753
Link: CVE-2025-53053

No data.

No data.