MySQL Router Vulnerability in Oracle MySQL: Unauthenticated Network Access Risk
CVE-2026-46862

7.5HIGH

Key Information:

Vendor

Oracle

Vendor
CVE Published:
16 June 2026

What is CVE-2026-46862?

An unauthenticated network access vulnerability has been identified in the MySQL Router component of Oracle MySQL. This flaw affects versions 8.4.0 to 8.4.9 and 9.0.0 to 9.7.0. An attacker with network access via TLS could exploit this vulnerability to cause significant disruptions by hanging or frequently crashing the MySQL Router, leading to a Denial of Service (DoS). This poses a significant risk to the availability of MySQL Router, warranting immediate attention and remediation.

Affected Version(s)

MySQL Router 8.4.0 <= 8.4.9

MySQL Router 9.0.0 <= 9.7.0

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.