CVE-2025-53040

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Oracle MySQL versions 8.0.0 through 8.0.43 Oracle MySQL versions 8.4.0 through 8.4.6 Oracle MySQL versions 9.0.0 through 9.4.0

Description An issue exists in the Server: Optimizer component of Oracle MySQL Server that allows a high-privileged attacker with network access to compromise the server. Successful exploitation can lead to a denial-of-service condition, causing the server to hang or crash repeatedly.

Recommendations Update Oracle MySQL to a version later than 8.0.43. Update Oracle MySQL to a version later than 8.4.6. Update Oracle MySQL to a version later than 9.4.0.

Fix

DoS

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALSA-2025:23008

ALSA-2025:23109

ALSA-2025:23111

ALSA-2025:23134

ALSA-2025:23137

AZL-68643

AZL-68693

BDU:2025-13385

CVE-2025-53040

OESA-2025-2540

OESA-2025-2541

OESA-2025-2542

OESA-2025-2543

OESA-2025-2544

OESA-2025-2644

RHSA-2025:23008

RHSA-2025:23109

RHSA-2025:23111

RHSA-2025:23134

RHSA-2025:23137

USN-7873-1

USN-8006-1

Affected Products

Almalinux

Centos

Linuxmint

Mysql Server

Oracle Mysql

Red Hat

Rocky Linux

Ubuntu

CVE-2025-53040

Weakness Enumeration

Related Identifiers

Affected Products

References · 82