CVE-2025-21492

Name of the Vulnerable Software and Affected Versions MySQL Server versions 8.0.36 and prior MySQL Server version 8.4.0

Description The issue is related to the Server: Optimizer component of Oracle MySQL Server and is caused by inadequate authorization procedure due to incorrect input validation. This can be exploited by a remote attacker to cause a denial of service. Successful attacks can result in the unauthorized ability to cause a hang or frequently repeatable crash of MySQL Server.

Recommendations For MySQL Server versions 8.0.36 and prior, update to a version later than 8.0.36 to resolve the issue. For MySQL Server version 8.4.0, update to a version later than 8.4.0 to resolve the issue. As a temporary workaround, consider restricting network access to the MySQL Server to minimize the risk of exploitation.