CVE-2025-41281

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code on the RX Host when a MySQL connector is...

CVE-2025-41280

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal Zip Slip in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code on the RX Host when a MySQL connector is configured and file compression is enabled...

CVE-2026-34318

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Core Client. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

CVE-2026-34319

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Core Client. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes t...

CVE-2026-34317

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Core Client. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes t...

CVE-2026-42237

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the fix for GHSA-f3f2-mcxc-pwjx did not cover the Snowflake node or the legacy MySQL v1 node. Both nodes construct SQL queries by directly interpolating user-controlled table names, column names, a...

CVE-2026-48188

An improper Input Validation vulnerability in OTRS or OTRS Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NOBACKSLASHESCAPES SQL mode...

CVE-2024-47091

Privilege escalation in the mkmysql agent plugin on Windows in Checkmk 2.4.0p29, 2.3.0p47, and 2.2.0 EOL allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' or with write access to a binary referenced by such a service to execute arbitrary cod...

RHSA-2026:23332 Red Hat Security Advisory: mysql security update

Bulletin has no description...

AlmaLinux 9 : mysql (ALSA-2026:23332)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:23332 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026 CVE-2026-22001 mysql...

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

mysql: DML unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker...

mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker...

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols t...

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...

mysql: Information Schema unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with...