Denial of Service Vulnerability in MySQL Shell from Oracle
CVE-2026-34317

5MEDIUM

Key Information:

Vendor: Oracle
Status: Mysql Shell
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-34317?

A vulnerability has been identified in Oracle's MySQL Shell, allowing accessible attackers with limited privileges to execute malicious maneuvers causing disruptions. Attackers can exploit this issue if they have access to the system where MySQL Shell operates, leading to the potential for unauthorized denial of service. Successful exploitation requires user interaction from another individual, which can culminate in frequent crashes or hangs of the MySQL Shell.

Affected Version(s)

MySQL Shell 8.0.0 <= 8.0.45

MySQL Shell 8.4.0 <= 8.4.8

MySQL Shell 9.0.0 <= 9.6.0

References

https://www.oracle.com/security-alerts/cpuapr2026.html

vendor-advisory

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Mar 26, 2026

CVE-2026-34317 Data

JSON