CVE-2025-30696: 
MySQL vulnerability analysis and mitigation

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS) affects versions 8.0.0-8.0.41, 8.4.0-8.4.4, and 9.0.0-9.2.0. This vulnerability allows high privileged attackers with network access via multiple protocols to compromise MySQL Server (Oracle CPU, NVD).

The vulnerability has a CVSS 3.1 Base Score of 4.9 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The attack vector is Network-based, with Low attack complexity, requiring High privileges, and No user interaction. The scope is Unchanged, with No impact on confidentiality and integrity, but High impact on availability (Oracle CPU).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. The vulnerability only affects the availability of the system, with no impact on confidentiality or integrity (NVD).

Oracle strongly recommends that customers apply the Critical Patch Update security patches as soon as possible. Until patches are applied, organizations can reduce risk by blocking network protocols required for attacks or removing privileges from users who don't require them, though these should not be considered long-term solutions (Oracle CPU).