CVE Catalog

CVE-2026-46869

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile — higher than 8% of all known CVEs

Summary

A vulnerability in the MySQL Shell product of Oracle MySQL allows an unauthenticated attacker with network access to compromise MySQL Shell. Human interaction is required, increasing the risk of unauthorized access to critical data.

Risk Assessment

An attacker may gain unauthorized access to data, potentially leading to serious security implications for the organization.

Recommendation

It is recommended to update MySQL Shell to the latest version to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Dump and Load). Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Shell accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS