{"schema_version":"1.7.2","id":"OESA-2026-1196","modified":"2026-01-23T12:22:58Z","published":"2026-01-23T12:22:58Z","upstream":["CVE-2026-21936","CVE-2026-21937","CVE-2026-21941","CVE-2026-21948","CVE-2026-21964","CVE-2026-21968"],"summary":"mysql security update","details":"MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if\r\n\r\nSecurity Fix(es):\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).  Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and  9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2026-21936)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL).  Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and  9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2026-21937)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and  9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2026-21941)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and  9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2026-21948)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling).  Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and  9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2026-21964)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and  9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).(CVE-2026-21968)","affected":[{"package":{"ecosystem":"openEuler:22.03-LTS-SP4","name":"mysql","purl":"pkg:rpm/openEuler/mysql&distro=openEuler-22.03-LTS-SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.45-1.oe2203sp4"}]}],"ecosystem_specific":{"aarch64":["mysql-8.0.45-1.oe2203sp4.aarch64.rpm","mysql-common-8.0.45-1.oe2203sp4.aarch64.rpm","mysql-config-8.0.45-1.oe2203sp4.aarch64.rpm","mysql-debuginfo-8.0.45-1.oe2203sp4.aarch64.rpm","mysql-debugsource-8.0.45-1.oe2203sp4.aarch64.rpm","mysql-devel-8.0.45-1.oe2203sp4.aarch64.rpm","mysql-errmsg-8.0.45-1.oe2203sp4.aarch64.rpm","mysql-help-8.0.45-1.oe2203sp4.aarch64.rpm","mysql-libs-8.0.45-1.oe2203sp4.aarch64.rpm","mysql-server-8.0.45-1.oe2203sp4.aarch64.rpm","mysql-test-8.0.45-1.oe2203sp4.aarch64.rpm"],"src":["mysql-8.0.45-1.oe2203sp4.src.rpm"],"x86_64":["mysql-8.0.45-1.oe2203sp4.x86_64.rpm","mysql-common-8.0.45-1.oe2203sp4.x86_64.rpm","mysql-config-8.0.45-1.oe2203sp4.x86_64.rpm","mysql-debuginfo-8.0.45-1.oe2203sp4.x86_64.rpm","mysql-debugsource-8.0.45-1.oe2203sp4.x86_64.rpm","mysql-devel-8.0.45-1.oe2203sp4.x86_64.rpm","mysql-errmsg-8.0.45-1.oe2203sp4.x86_64.rpm","mysql-help-8.0.45-1.oe2203sp4.x86_64.rpm","mysql-libs-8.0.45-1.oe2203sp4.x86_64.rpm","mysql-server-8.0.45-1.oe2203sp4.x86_64.rpm","mysql-test-8.0.45-1.oe2203sp4.x86_64.rpm"]}},{"package":{"ecosystem":"openEuler:24.03-LTS","name":"mysql","purl":"pkg:rpm/openEuler/mysql&distro=openEuler-24.03-LTS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.45-1.oe2403sp3"}]}],"ecosystem_specific":{"aarch64":["mysql-8.0.45-1.oe2403.aarch64.rpm","mysql-common-8.0.45-1.oe2403.aarch64.rpm","mysql-config-8.0.45-1.oe2403.aarch64.rpm","mysql-debuginfo-8.0.45-1.oe2403.aarch64.rpm","mysql-debugsource-8.0.45-1.oe2403.aarch64.rpm","mysql-devel-8.0.45-1.oe2403.aarch64.rpm","mysql-errmsg-8.0.45-1.oe2403.aarch64.rpm","mysql-help-8.0.45-1.oe2403.aarch64.rpm","mysql-libs-8.0.45-1.oe2403.aarch64.rpm","mysql-server-8.0.45-1.oe2403.aarch64.rpm","mysql-test-8.0.45-1.oe2403.aarch64.rpm","mysql-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-common-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-config-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-debugsource-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-devel-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-errmsg-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-help-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-libs-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-server-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-test-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-common-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-config-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-debugsource-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-devel-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-errmsg-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-help-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-libs-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-server-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-test-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-common-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-config-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-debugsource-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-devel-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-errmsg-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-help-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-libs-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-server-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-test-8.0.45-1.oe2403sp3.aarch64.rpm"],"src":["mysql-8.0.45-1.oe2403.src.rpm","mysql-8.0.45-1.oe2403sp1.src.rpm","mysql-8.0.45-1.oe2403sp2.src.rpm","mysql-8.0.45-1.oe2403sp3.src.rpm"],"x86_64":["mysql-8.0.45-1.oe2403.x86_64.rpm","mysql-common-8.0.45-1.oe2403.x86_64.rpm","mysql-config-8.0.45-1.oe2403.x86_64.rpm","mysql-debuginfo-8.0.45-1.oe2403.x86_64.rpm","mysql-debugsource-8.0.45-1.oe2403.x86_64.rpm","mysql-devel-8.0.45-1.oe2403.x86_64.rpm","mysql-errmsg-8.0.45-1.oe2403.x86_64.rpm","mysql-help-8.0.45-1.oe2403.x86_64.rpm","mysql-libs-8.0.45-1.oe2403.x86_64.rpm","mysql-server-8.0.45-1.oe2403.x86_64.rpm","mysql-test-8.0.45-1.oe2403.x86_64.rpm","mysql-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-common-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-config-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-debugsource-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-devel-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-errmsg-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-help-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-libs-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-server-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-test-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-common-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-config-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-debugsource-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-devel-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-errmsg-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-help-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-libs-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-server-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-test-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-common-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-config-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-debugsource-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-devel-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-errmsg-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-help-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-libs-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-server-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-test-8.0.45-1.oe2403sp3.x86_64.rpm"]}},{"package":{"ecosystem":"openEuler:24.03-LTS-SP1","name":"mysql","purl":"pkg:rpm/openEuler/mysql&distro=openEuler-24.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.45-1.oe2403sp1"}]}],"ecosystem_specific":{"aarch64":["mysql-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-common-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-config-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-debugsource-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-devel-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-errmsg-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-help-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-libs-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-server-8.0.45-1.oe2403sp1.aarch64.rpm","mysql-test-8.0.45-1.oe2403sp1.aarch64.rpm"],"src":["mysql-8.0.45-1.oe2403sp1.src.rpm"],"x86_64":["mysql-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-common-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-config-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-debugsource-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-devel-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-errmsg-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-help-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-libs-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-server-8.0.45-1.oe2403sp1.x86_64.rpm","mysql-test-8.0.45-1.oe2403sp1.x86_64.rpm"]}},{"package":{"ecosystem":"openEuler:24.03-LTS-SP2","name":"mysql","purl":"pkg:rpm/openEuler/mysql&distro=openEuler-24.03-LTS-SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.45-1.oe2403sp2"}]}],"ecosystem_specific":{"aarch64":["mysql-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-common-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-config-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-debugsource-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-devel-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-errmsg-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-help-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-libs-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-server-8.0.45-1.oe2403sp2.aarch64.rpm","mysql-test-8.0.45-1.oe2403sp2.aarch64.rpm"],"src":["mysql-8.0.45-1.oe2403sp2.src.rpm"],"x86_64":["mysql-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-common-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-config-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-debugsource-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-devel-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-errmsg-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-help-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-libs-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-server-8.0.45-1.oe2403sp2.x86_64.rpm","mysql-test-8.0.45-1.oe2403sp2.x86_64.rpm"]}},{"package":{"ecosystem":"openEuler:24.03-LTS-SP3","name":"mysql","purl":"pkg:rpm/openEuler/mysql&distro=openEuler-24.03-LTS-SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.45-1.oe2403sp3"}]}],"ecosystem_specific":{"aarch64":["mysql-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-common-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-config-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-debugsource-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-devel-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-errmsg-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-help-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-libs-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-server-8.0.45-1.oe2403sp3.aarch64.rpm","mysql-test-8.0.45-1.oe2403sp3.aarch64.rpm"],"src":["mysql-8.0.45-1.oe2403sp3.src.rpm"],"x86_64":["mysql-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-common-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-config-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-debuginfo-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-debugsource-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-devel-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-errmsg-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-help-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-libs-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-server-8.0.45-1.oe2403sp3.x86_64.rpm","mysql-test-8.0.45-1.oe2403sp3.x86_64.rpm"]}},{"package":{"ecosystem":"openEuler:20.03-LTS-SP4","name":"mysql","purl":"pkg:rpm/openEuler/mysql&distro=openEuler-20.03-LTS-SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.45-1.oe2003sp4"}]}],"ecosystem_specific":{"aarch64":["mysql-8.0.45-1.oe2003sp4.aarch64.rpm","mysql-common-8.0.45-1.oe2003sp4.aarch64.rpm","mysql-config-8.0.45-1.oe2003sp4.aarch64.rpm","mysql-debuginfo-8.0.45-1.oe2003sp4.aarch64.rpm","mysql-debugsource-8.0.45-1.oe2003sp4.aarch64.rpm","mysql-devel-8.0.45-1.oe2003sp4.aarch64.rpm","mysql-errmsg-8.0.45-1.oe2003sp4.aarch64.rpm","mysql-help-8.0.45-1.oe2003sp4.aarch64.rpm","mysql-libs-8.0.45-1.oe2003sp4.aarch64.rpm","mysql-server-8.0.45-1.oe2003sp4.aarch64.rpm","mysql-test-8.0.45-1.oe2003sp4.aarch64.rpm"],"src":["mysql-8.0.45-1.oe2003sp4.src.rpm"],"x86_64":["mysql-8.0.45-1.oe2003sp4.x86_64.rpm","mysql-common-8.0.45-1.oe2003sp4.x86_64.rpm","mysql-config-8.0.45-1.oe2003sp4.x86_64.rpm","mysql-debuginfo-8.0.45-1.oe2003sp4.x86_64.rpm","mysql-debugsource-8.0.45-1.oe2003sp4.x86_64.rpm","mysql-devel-8.0.45-1.oe2003sp4.x86_64.rpm","mysql-errmsg-8.0.45-1.oe2003sp4.x86_64.rpm","mysql-help-8.0.45-1.oe2003sp4.x86_64.rpm","mysql-libs-8.0.45-1.oe2003sp4.x86_64.rpm","mysql-server-8.0.45-1.oe2003sp4.x86_64.rpm","mysql-test-8.0.45-1.oe2003sp4.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1196"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21936"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21937"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21941"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21948"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21964"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21968"}],"database_specific":{"severity":"Medium"}}