CVE-2025-30687: 
MySQL vulnerability analysis and mitigation

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer) affects versions 8.0.0-8.0.41, 8.4.0-8.4.4, and 9.0.0-9.2.0. This vulnerability was disclosed on April 15, 2025, and allows low privileged attackers with network access to compromise MySQL Server via multiple protocols (Oracle CPU, NVD).

The vulnerability has been assigned a CVSS v3.1 Base Score of 6.5 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. The scoring indicates that the vulnerability is network-accessible, requires low attack complexity, needs low privileges, and doesn't require user interaction. The vulnerability only impacts system availability, with no effects on confidentiality or integrity (Oracle CPU, NVD).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete denial of service (DOS) of MySQL Server (Oracle CPU).

Oracle has released patches for affected versions through its Critical Patch Update (CPU) of April 2025. Users are strongly advised to apply these security patches as soon as possible (Oracle CPU).