MySQL Shell Vulnerability in Oracle MySQL Exposes System to Attacks
CVE-2026-46850

9.9CRITICAL

Key Information:

Vendor

Oracle

Vendor
CVE Published:
16 June 2026

What is CVE-2026-46850?

An exploitable security vulnerability exists in the MySQL Shell component of Oracle MySQL. This issue affects the specified version, allowing an attacker with low privileges and network access to compromise the MySQL Shell. While the vulnerability primarily targets the MySQL Shell, there is potential for significant impacts on additional products due to the scope of the attack. Successful exploitation can lead to complete takeover of the MySQL Shell, compromising confidentiality, integrity, and availability of the system.

Affected Version(s)

MySQL Shell 2026.2.0+9.6.1

References

CVSS V3.1

Score:
9.9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.