MEDIUM

CVE-2025-50087

mysql: Optimizer unspecified vulnerability (CPU Jul 2025)

CVSS v3

4.9

MEDIUM

EPSS Score

0.1%

exploit probability

CISA KEV

No

known exploited

Exploitation

none

SSVC status

Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data. CVSS 3.1 Base Score 4.

Technical details

CVSS v3 Vector
3.1
Published
7/15/2025
Last Modified
7/17/2025

Frequently asked questions

What is CVE-2025-50087?

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data. CVSS 3.1 Base Score 4.

Is CVE-2025-50087 actively exploited?

Active exploitation of CVE-2025-50087 has not been confirmed. The EPSS score is 0.1%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2025-50087?

CVE-2025-50087 has a CVSS v3 base score of 4.9 (MEDIUM severity), with vector string 3.1.

Is CVE-2025-50087 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.