MySQL Server Vulnerability in Oracle Products
CVE-2025-50080

4.9MEDIUM

Key Information:

Vendor: Oracle
Status: Mysql Server
Vendor: CVE Published:; 15 July 2025

What is CVE-2025-50080?

The MySQL Server product from Oracle is affected by a vulnerability allowing a high-privileged attacker with network access to exploit stored procedures. This easily exploitable flaw can lead to significant disruptions, causing the MySQL Server to hang or crash repeatedly, resulting in service denial. Affected versions include MySQL Server 8.0.0 to 8.0.42, 8.4.0 to 8.4.5, and 9.0.0 to 9.3.0, highlighting the importance of immediate action to protect database integrity.

Affected Version(s)

MySQL Server 8.0.0 <= 8.0.42

MySQL Server 8.4.0 <= 8.4.5

MySQL Server 9.0.0 <= 9.3.0

References

https://www.oracle.com/security-alerts/cpujul2025.html

vendor-advisory

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2025
Vulnerability Reserved
Jun 11, 2025