CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/12/11 10:6 a.m.•5 views

RHSA-2025:23008 Red Hat Security Advisory: mysql8.4 security update

Bulletin has no description...

5.5CVSS7.7AI score0.00533EPSS

Exploits0References37

OSV•added 2025/12/11 10:4 a.m.•8 views

RHBA-2025:5321 Red Hat Bug Fix Advisory: mysql8.4 bug fix and enhancement update

Bulletin has no description...

7.5CVSS6.9AI score0.01071EPSS

Exploits0References9

OSV•added 2025/12/11 12:0 a.m.•14 views

ALSA-2025:23111 Moderate: mysql:8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044...

OSV•added 2025/12/11 12:0 a.m.•5 views

ALSA-2025:23134 Moderate: mysql:8.0 security update

Tenable Nessus•added 2025/12/11 12:0 a.m.•5 views

RHEL 9 : mysql (RHSA-2025:23109)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23109 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

OSV•added 2025/12/11 12:0 a.m.•5 views

ALSA-2025:23137 Moderate: mysql:8.4 security update

Tenable Nessus•added 2025/12/11 12:0 a.m.•3 views

RHEL 8 : mysql:8.0 (RHSA-2025:23134)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23134 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

OpenVAS•added 2025/12/11 12:0 a.m.•4 views

SUSE: Security Advisory (SUSE-SU-2025:21144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.0052EPSS

Exploits0References4

OSV•added 2025/12/11 12:0 a.m.•5 views

ALSA-2025:23109 Moderate: mysql security update

AlmaLinux•added 2025/12/11 12:0 a.m.•7 views

Moderate: mysql:8.0 security update

5.5CVSS7.3AI score0.00533EPSS

AlmaLinux•added 2025/12/11 12:0 a.m.•8 views

Moderate: mysql:8.4 security update

5.5CVSS7.3AI score0.00533EPSS

Tenable Nessus•added 2025/12/11 12:0 a.m.•4 views

RHEL 9 : mysql:8.4 (RHSA-2025:23111)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23111 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

Tenable Nessus•added 2025/12/11 12:0 a.m.•2 views

RHEL 8 : mysql:8.4 (RHSA-2025:23137)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23137 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

NVD•added 2025/12/10 11:15 p.m.•4 views

CVE-2025-67509

Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool e.g., for LLM agent querying, however, validation based on the first keyword e.g.,...

8.2CVSS0.00249EPSS

Exploits0References3

Cvelist•added 2025/12/10 11:5 p.m.•19 views

CVE-2025-67509 MySQLSelectTool Read-Only Bypass via SELECT INTO OUTFILE Allows Arbitrary File Write

8.2CVSS0.00249EPSS

Exploits0References3

OSV•added 2025/12/10 10:55 p.m.•3 views

CVE-2025-67510 MySQLWriteTool allows arbitrary/destructive SQL when exposed to untrusted prompts (agent “footgun”)

Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare + execute without semantic restrictions. This is consistent with the name “write tool”, but in an LLM/agent context...

9.4CVSS7.8AI score0.00348EPSS

CVE•added 2025/12/10 10:55 p.m.•12 views

CVE-2025-67510

Neuron is a PHP framework for AI Agents. Versions 2.8.11 and earlier have a vulnerability in the MySQLWriteTool that can execute arbitrary SQL provided by the caller via PDO::prepare() and execute(), without semantic restrictions. In an LLM/agent context this enables prompt injection or indirect ...

9.4CVSS7.5AI score0.00348EPSS

Exploits0References3Affected Software1

RedHat Linux•added 2025/12/10 12:52 p.m.•3 views

mysql: InnoDB unspecified vulnerability (CPU Oct 2025)

4.9CVSS5.7AI score0.00533EPSS

RedHat Linux•added 2025/12/10 12:52 p.m.•3 views

mysql: InnoDB unspecified vulnerability (CPU Oct 2025)

4.9CVSS5.7AI score0.00533EPSS