MySQL is a widely used relational database based on SQL and built for scalability.

MySQL

The MySQL Client C API is a collection of C functions that give C programs a way to interact with the MySQL server. It forms the core of the MySQL Connector for the C programming language. The API enables the creation of database-driven client programs, providing functionality for versatile database operations.

MySQL Client C API

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

Percona Server for MySQL is an enhanced, open-source drop-in replacement for MySQL. It offers improved performance, scalability, and instrumentation features compared to standard MySQL. Percona Server includes advanced features like thread pool, enhanced auditing, and improved query optimization, making it suitable for high-performance database environments.

Percona Server for MySQL

Ubuntu is a Linux distribution based on Debian, mostly composed of free and open-source software. Ubuntu is officially released in three editions: Desktop, Server, and Core for internet of things devices and robots. All the editions can run on the computer alone or in a virtual machine.

Linux Ubuntu

Project Photon OS is an open-source, minimal Linux container host that is optimized for cloud-native applications, cloud platforms, and VMware infrastructure.

Linux Photon

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. While the vulnerability is in MySQL Shell, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Shell accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N).

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-53054	MEDIUM	5.5	MySQL	mecab-ipadic	No	Yes	Oct 21, 2025
CVE-2025-53053	MEDIUM	5.5	MySQL	mecab	No	Yes	Oct 21, 2025
CVE-2025-53069	MEDIUM	4.9	MySQL	mysql	No	Yes	Oct 21, 2025
CVE-2025-53067	MEDIUM	4.9	MySQL	cpe:2.3:a:oracle:mysql_server	No	Yes	Oct 21, 2025
CVE-2025-53062	MEDIUM	4.9	MySQL	mysql8.4-test	No	Yes	Oct 21, 2025

CVE-2022-39402:
MySQL vulnerability analysis and mitigation

Overview

Technical details

Mitigation and workarounds

Additional resources

4.3

Related MySQL vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2022-39402: MySQL vulnerability analysis and mitigation