DNA View

CVE-2026-21968

Medium

Low Medium High Critical

6.5

CVSS Score

Published: Jan 20, 2026

Last Modified: Jan 29, 2026

CWE: NVD-CWE-noinfo

Vulnerability Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Known Affected Software

37 configuration(s) from 1 vendor(s)

mysql_server

Version:

8.0.30

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.30:*:*:*:*:*:*:*

mysql_server

Version:

8.4.1

CPE:

cpe:2.3:a:oracle:mysql_server:8.4.1:*:*:*:*:*:*:*

mysql_server

Version:

9.2.0

CPE:

cpe:2.3:a:oracle:mysql_server:9.2.0:*:*:*:*:*:*:*

mysql_server

Version:

8.0.42

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.42:*:*:*:*:*:*:*

mysql_server

Version:

8.0.34

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.34:*:*:*:*:*:*:*

mysql_server

Version:

8.0.31

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.31:*:*:*:*:*:*:*

mysql_server

Version:

8.0.23

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.23:*:*:*:*:*:*:*

mysql_server

Version:

8.0.35

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.35:*:*:*:*:*:*:*

mysql_server

Version:

8.4.2

CPE:

cpe:2.3:a:oracle:mysql_server:8.4.2:*:*:*:*:*:*:*

mysql_server

Version:

8.0.17

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.17:*:*:*:*:*:*:*

mysql_server

Version:

8.0.29

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.29:*:*:*:*:*:*:*

mysql_server

Version:

8.0.36

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.36:*:*:*:*:*:*:*

mysql_server

Version:

9.4.0

CPE:

cpe:2.3:a:oracle:mysql_server:9.4.0:*:*:*:*:*:*:*

mysql_server

Version:

8.0.22

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.22:*:*:*:*:*:*:*

mysql_server

Version:

8.4.3

CPE:

cpe:2.3:a:oracle:mysql_server:8.4.3:*:*:*:*:*:*:*

mysql_server

Version:

8.0.33

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.33:*:*:*:*:*:*:*

mysql_server

Version:

9.0.1

CPE:

cpe:2.3:a:oracle:mysql_server:9.0.1:*:*:*:*:*:*:*

mysql_server

Version:

8.4.6

CPE:

cpe:2.3:a:oracle:mysql_server:8.4.6:*:*:*:*:*:*:*

mysql_server

Version:

8.0.37

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.37:*:*:*:*:*:*:*

mysql_server

Version:

8.0.40

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.40:*:*:*:*:*:*:*

mysql_server

Version:

9.1.0

CPE:

cpe:2.3:a:oracle:mysql_server:9.1.0:*:*:*:*:*:*:*

mysql_server

Version:

8.0.43

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.43:*:*:*:*:*:*:*

mysql_server

Version:

8.4.4

CPE:

cpe:2.3:a:oracle:mysql_server:8.4.4:*:*:*:*:*:*:*

mysql_server

Version:

8.0.28

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.28:*:*:*:*:*:*:*

mysql_server

Version:

8.4.5

CPE:

cpe:2.3:a:oracle:mysql_server:8.4.5:*:*:*:*:*:*:*

mysql_server

Version:

8.0.27

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.27:*:*:*:*:*:*:*

mysql_server

Version:

9.0.0

CPE:

cpe:2.3:a:oracle:mysql_server:9.0.0:*:*:*:*:*:*:*

mysql_server

Version:

8.0.0

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.0:*:*:*:*:*:*:*

mysql_server

Version:

8.0.32

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.32:*:*:*:*:*:*:*

mysql_server

Version:

8.0.38

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.38:*:*:*:*:*:*:*

mysql_server

Version:

8.0.41

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.41:*:*:*:*:*:*:*

mysql_server

Version:

8.0.15

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.15:*:*:*:*:*:*:*

mysql_server

Version:

8.0.26

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.26:*:*:*:*:*:*:*

mysql_server

Version:

8.4.0

CPE:

cpe:2.3:a:oracle:mysql_server:8.4.0:*:*:*:*:*:*:*

mysql_server

Version:

8.0.25

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.25:*:*:*:*:*:*:*

mysql_server

Version:

8.0.39

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.39:*:*:*:*:*:*:*

mysql_server

Version:

8.0.24

CPE:

cpe:2.3:a:oracle:mysql_server:8.0.24:*:*:*:*:*:*:*

This vulnerability affects 37 software configuration(s). Ensure you patch all affected systems.

Available Security Patches

3 patches available from vendors

View All Patches

SUSE

CVE-2026-21968

Severity

Unknown

Released

Mar 05, 2026

Security Update

View Details Vendor Page

Canonical (Ubuntu)

USN-7994-1

USN-7994-1: MySQL vulnerabilities

Severity

Unknown

Released

Feb 02, 2026

Security Update

View Details Vendor Page

Oracle

CPUJAN2026

Oracle Critical Patch Update Advisory - January 2026

Severity

Critical

Released

Jan 20, 2026

Restart Required

Security Update

View Details Vendor Page

Browse All Security Patches

References & Resources

https://www.oracle.com/security-alerts/cpujan2026.html
secalert_us@oracle.com Vendor Advisory

Severity Details

6.5

out of 10.0

Medium

Weakness Type (CWE)

NVD-CWE-noinfo

View CWE Details on MITRE

Key Information

Published Date: January 20, 2026

External Resources

NIST NVD

National Vulnerability Database

MITRE CVE

Official CVE record

CVE Vulnerabilities

Posts & Pages

CVE-2026-21968

Vulnerability Description

CVSS Metrics

Known Affected Software

oracle

Available Security Patches

CVE-2026-21968

USN-7994-1

CPUJAN2026

References & Resources

Severity Details

Weakness Type (CWE)

Key Information

External Resources