MySQL Client Vulnerability in Oracle's Database System
CVE-2025-50081

3.1LOW

Key Information:

Vendor: Oracle
Status: Mysql Cluster; Mysql Client
Vendor: CVE Published:; 15 July 2025

What is CVE-2025-50081?

A vulnerability exists in the MySQL Client component of Oracle MySQL that enables a high-privileged attacker to exploit the system through various network protocols. The flaw, while not easily exploited, requires human interaction from an external individual to succeed. When successfully executed, it could lead to unauthorized updates, data inserts, deletions, or even unauthorized reading of data accessible through the MySQL Client. The affected versions of MySQL Client include specific releases in the 8.0 and 9.x series, underscoring the importance of timely updates to mitigate potential risks.

Affected Version(s)

MySQL Client 8.0.0 <= 8.0.42

MySQL Client 8.4.0 <= 8.4.5

MySQL Client 9.0.0 <= 9.3.0

References

https://www.oracle.com/security-alerts/cpujul2025.html

vendor-advisory

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2025
Vulnerability Reserved
Jun 11, 2025