CVE Catalog

CVE-2026-46862

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.47%

37th percentile — higher than 37% of all known CVEs

Summary

Vulnerability in the MySQL Router product of Oracle MySQL allows an unauthenticated attacker with network access via TLS to compromise MySQL Router. Successful attacks can result in hanging or frequently repeatable crashes (complete DOS) of MySQL Router.

Risk Assessment

The risk to the organization involves the potential for Denial of Service attacks, which can lead to downtime of services relying on MySQL Router.

Recommendation

It is recommended to update MySQL Router to the latest version to mitigate this vulnerability and to monitor network access for potential attacks.

Original NVD description (English source)

Vulnerability in the MySQL Router product of Oracle MySQL (component: Router: General). Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Router. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Router. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS