MySQL Server Vulnerability Exploiting Optimizer by Oracle
CVE-2025-50087

4.9MEDIUM

Key Information:

Vendor: Oracle
Status: Mysql Cluster; Mysql Server
Vendor: CVE Published:; 15 July 2025

What is CVE-2025-50087?

A vulnerability exists in the Oracle MySQL Server affecting multiple versions, particularly within the Server: Optimizer component. This issue allows high-privileged attackers with network access through various protocols to potentially compromise the MySQL Server. Successful exploitation can lead to unauthorized creation, modification, or deletion of critical data, affecting the integrity of all accessible data within the MySQL Server environment.

Affected Version(s)

MySQL Cluster 7.6.0 <= 7.6.34

MySQL Cluster 8.0.0 <= 8.0.42

MySQL Cluster 8.4.0 <= 8.4.5

References

https://www.oracle.com/security-alerts/cpujul2025.html

vendor-advisory

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2025
Vulnerability Reserved
Jun 11, 2025