CVE-2025-50095
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-15

Last updated on: 2025-07-16

Assigner: Oracle

Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-15
Last Modified
2025-07-16
Generated
2026-05-07
AI Q&A
2025-07-15
EPSS Evaluated
2026-05-05
NVD
CVE-2025-50095
EUVD
EUVD-2025-21485
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
oracle mysql From 9.0.0 (inc) to 9.3.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the MySQL Server's Optimizer component for versions 9.0.0 to 9.3.0. It allows a highly privileged attacker with network access through multiple protocols to exploit the server easily. The attacker can cause the MySQL Server to hang or crash repeatedly, resulting in a denial of service (DoS).


How can this vulnerability impact me? :

The vulnerability can impact you by allowing an attacker with high privileges and network access to cause the MySQL Server to become unresponsive or crash repeatedly. This leads to a denial of service, disrupting availability of the database services.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart