CVE-2025-53069: 
MySQL vulnerability analysis and mitigation

A vulnerability has been identified in the MySQL Server product of Oracle MySQL, specifically in the Server: Components Services component. The affected versions include MySQL Server 8.0.0-8.0.43, 8.4.0-8.4.6, and 9.0.0-9.4.0. This vulnerability was disclosed in October 2025 (Oracle CPU).

The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity). The CVSS vector string is CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H, indicating that it is network-accessible, requires low attack complexity, needs high privileges, requires no user interaction, has unchanged scope, and only impacts availability (Oracle CPU).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete Denial of Service (DoS) of MySQL Server. The vulnerability only affects the availability of the system, with no impact on confidentiality or integrity (Oracle CPU).

Oracle has released patches to address this vulnerability as part of the October 2025 Critical Patch Update. Organizations running affected versions of MySQL Server should upgrade to the latest patched versions (Oracle CPU).