NCSC-2026-0205 [1.00] [M/H] Vulnerabilities fixed in Oracle MySQL products
Oracle has fixed vulnerabilities in Oracle MySQL Shell for VS Code, MySQL Router, MySQL NDB Cluster, and MySQL Server. The vulnerabilities are present in various Oracle MySQL products and versions. In MySQL Shell for VS Code (version 2026.2.0+9.6.1), attackers with low privileges and network access via HTTP or user-interactive network access can gain full control over the MySQL Shell or unauthorized access to critical data. In MySQL Router (versions 8.4.0 to 8.4.9 and 9.0.0 to 9.7.0), unauthenticated attackers can achieve full device takeover or cause a denial-of-service by crashing or hanging the system via HTTP or TLS. MySQL NDB Cluster (versions 8.0.11 to 8.0.46, 8.4.0 to 8.4.9, and 9.0.0 to 9.7.0) contains a vulnerability that allows an attacker with low privileges and network access via HTTP to create, delete, or modify unauthorized critical data. MySQL Server and MySQL Cluster contain a vulnerability that allows an unauthenticated network attacker to cause a denial-of-service by crashing or hanging the server. The vulnerabilities have various CVSS 3.1 base scores ranging from 6.5 to 9.9, depending on the product and the nature of the vulnerability.
CSIRTS triage
- What
- Vulnerabilities in various MySQL products could allow attackers to gain unauthorized access or cause denial-of-service.
- Who is affected
- Users of Oracle MySQL products with network access.
- Urgency
- Remediation is critical due to the potential for unauthorized access and system disruption.
- Action
- Users should apply the updates provided by Oracle.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch MySQL
Get an email when a new MySQL advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://advisories.ncsc.nl/advisory?id=NCSC-2026-0205
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-468500.52% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 41% of all scored CVEs.
- Low exploitation riskCVE-2026-468600.51% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 40% of all scored CVEs.
- Low exploitation riskCVE-2026-468610.36% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 28% of all scored CVEs.
- Low exploitation riskCVE-2026-468620.46% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 37% of all scored CVEs.
- Low exploitation riskCVE-2026-468630.47% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 37% of all scored CVEs.
- Low exploitation riskCVE-2026-468690.18% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 8% of all scored CVEs.
- Low exploitation riskCVE-2026-468700.31% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 23% of all scored CVEs.
- Low exploitation riskCVE-2026-468710.26% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 18% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-46850 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-46860 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-46861 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-46862 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-46863 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-46869 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-46870 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-46871 | coverage & exploitation status | NVD · CVE.org |
More from NCSC-NL Advisories
- unknownNCSC-2026-0223 [1.00] [M/H] Vulnerabilities fixed in BeyondTrust Remote Support and Privileged Remote Access2026-07-10
- unknownNCSC-2026-0222 [1.00] [M/H] Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition2026-07-10
- unknownNCSC-2026-0221 [1.00] [M/H] Vulnerabilities fixed in UniFi products from Ubiquiti Networks2026-07-07
- unknownNCSC-2026-0220 [1.00] [M/H] Vulnerabilities fixed in Rancher by Rancher Labs2026-07-03
- unknownNCSC-2026-0219 [1.00] [M/H] Vulnerabilities fixed in GitHub Enterprise Server2026-07-03