
CVE-2026-35240: Medium Vulnerability in Oracle MySQL Server

CVE-2026-35240 is a medium-severity vulnerability in Oracle MySQL Server versions 8.0.0 to 8.0.45, 8.4.0 to 8.4.8, and 9.0.0 to 9.6.0. It allows high-privileged attackers to cause a denial-of-service (DoS) condition. Immediate patching is recommended.

Severity: Medium (CVSS 3.1 base score 4.9) · Published April 21, 2026


CVE-2026-35240 is a medium-severity vulnerability affecting Oracle MySQL Server, specifically the optimizer component. Supported versions that are affected are 8.0.0 to 8.0.45, 8.4.0 to 8.4.8, and 9.0.0 to 9.6.0. This vulnerability allows a high-privileged attacker with network access via multiple protocols to compromise MySQL Server.

Successful exploitation can result in a hang or a frequently repeatable crash of the MySQL Server process, that is, a complete denial of service of that server. The CVSS 3.1 base score is 4.9 (Medium); the availability impact itself is rated High, and the score lands in the medium band only because exploitation requires a high-privileged account.

Organizations should prioritize patching to remove the risk. The vulnerability carries no confidentiality or integrity impact, so remediation protects the availability of MySQL Server environments rather than the data they hold.

The vulnerability was published on April 21, 2026, and its entry has reached analyzed status in the vulnerability database with a full CVSS vector assigned. Given the potential for disruption, organizations running affected versions should act promptly.

Vulnerability Details

The vulnerability in the MySQL Server product of Oracle MySQL affects versions 8.0.0-8.0.45, 8.4.0-8.4.8, and 9.0.0-9.6.0. It is classified under CWE-284 (Improper Access Control). Exploitation requires an account that already holds high privileges on the server; the published advisory text does not identify which privilege, or which optimizer construct, is involved.

The CVSS 3.1 base score of 4.9 is Medium, with High availability impact and no confidentiality or integrity impact. The attack vector is network-based with low attack complexity, high privileges required and no user interaction, which corresponds to the vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The scope is unchanged: the same metrics with a changed scope would score 6.8, so the 4.9 confirms that only the MySQL Server itself is affected.

Technical Analysis

The root cause lies in the MySQL Server optimizer, so the likely trigger is a query that the optimizer mishandles; the published advisory does not say which statement shape is involved. The vulnerability is reachable over the network with low complexity, needs a high-privileged account but no user interaction, and yields a hang or repeatable crash rather than code execution or data access. What makes it worth patching promptly is that a privileged account can take the whole server down, rather than merely misuse its own privileges.

From a technical standpoint, the exploitation could lead to potential downtime for services reliant on MySQL, impacting overall business operations. As such, organizations should assess potential risks pertaining to availability.

Risk & Impact Analysis

The risk to organizations is operational downtime: a hang or a crash loop disrupts every service that depends on the affected instance. The CVSS rating assigns no integrity impact, so committed data is not expected to be lost or corrupted; with InnoDB, a crash rolls back in-flight transactions on restart, and the cost is the outage plus recovery time.

Organizations should address this vulnerability in their priority patch cycle. Because exploitation needs a high-privileged account, the instances most at risk are those where many accounts or shared application credentials hold global privileges, and those reachable from untrusted networks where a stolen privileged credential can be used directly.

Exploitation Status

Signal: Status
Known exploit: No
Public PoC: No
Actively exploited: No
Ransomware use: No

Affected Versions

Affected versions include MySQL Server versions 8.0.0 to 8.0.45, 8.4.0 to 8.4.8, and 9.0.0 to 9.6.0. Organizations should ensure they are running the patched versions to avoid exploitation of this vulnerability.
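The version check above, as an added example for this page (it is not AppSecure's or Oracle's code). It parses version strings the way SELECT VERSION() and `mysqld --version` print them, compares them as numeric tuples against the three published ranges, and triages a fleet inventory. The hostnames and version strings in INVENTORY are constructed for the example; the function and variable names are the example's own.

```python
"""Triage a MySQL fleet against the CVE-2026-35240 affected ranges.

Added example for this page; not AppSecure or Oracle code. Version strings
are parsed the way SELECT VERSION() and 'mysqld --version' print them; the
inventory at the bottom is constructed, not real hosts.
"""
import re
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# Inclusive ranges published for CVE-2026-35240.
AFFECTED_RANGES = (
    ((8, 0, 0), (8, 0, 45)),
    ((8, 4, 0), (8, 4, 8)),
    ((9, 0, 0), (9, 6, 0)),
)

# Leading 'X.Y.Z' as returned by SELECT VERSION(), e.g. '8.0.45-0ubuntu0.22.04.1'
_LEADING_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")
# 'Ver X.Y.Z' as printed by 'mysqld --version'
_VER_RE = re.compile(r"\bVer\s+(\d+)\.(\d+)\.(\d+)")


def parse_version(raw: str) -> Optional[Version]:
    """Return (major, minor, patch) or None when no version triple is present."""
    m = _LEADING_RE.match(raw.strip()) or _VER_RE.search(raw)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(raw: str) -> bool:
    """True when the version falls inside one of the published ranges.

    Tuple comparison is lexicographic on integers, so 8.0.9 < 8.0.45 compares
    correctly (a plain string comparison would get that wrong).
    """
    v = parse_version(raw)
    if v is None:
        raise ValueError(f"unrecognised MySQL version string: {raw!r}")
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> 'affected' | 'not listed' | 'unknown'.

    'not listed' only means the version is outside the published ranges.
    Oracle assesses supported series only, so an end-of-life server (5.7, or
    the 8.1-8.3 innovation releases) is unassessed, not cleared.
    """
    result: Dict[str, str] = {}
    for host, raw in inventory.items():
        try:
            result[host] = "affected" if is_affected(raw) else "not listed"
        except ValueError:
            result[host] = "unknown"
    return result


# Constructed inventory (hypothetical hostnames and version strings).
INVENTORY = {
    "db-prod-01": "8.0.45-0ubuntu0.22.04.1",
    "db-prod-02": "8.4.9",
    "db-analytics": "9.6.0-commercial",
    "db-legacy": "5.7.44-log",
    "db-build": "/usr/sbin/mysqld  Ver 8.0.46 for Linux on x86_64 (MySQL Community Server - GPL)",
    "db-unknown": "n/a",
}

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host:14} {status}")
```

Feed it the output of `SELECT VERSION()` collected from each instance; a host reported as "not listed" on an end-of-life series still needs an upgrade, because Oracle only evaluated supported releases.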

Mitigation & Remediation

To remediate this vulnerability, upgrade to the fixed release for your series as listed in Oracle's Critical Patch Update advisory that assigned the CVE. Where an immediate upgrade is not feasible, reduce who can reach the trigger: bind the server to internal interfaces only (bind_address) and firewall port 3306 to known clients; list the accounts holding global privileges (information_schema.USER_PRIVILEGES) and narrow the host part of privileged accounts from '%' to specific hosts; and monitor the error log for unexpected restarts. Network controls alone are a partial mitigation, since the attacker is by definition an already-privileged account.

Organizations may also benefit from conducting a security assessment to identify potential vulnerabilities in their configurations. For further assistance, organizations can engage in penetration testing services to evaluate their security posture.

Detection Guidance

Monitor the MySQL error log for "mysqld got signal" crash blocks and for repeated "starting as process" entries that are not preceded by a clean "Shutdown complete" message; a crash loop on an unpatched instance is the signal for this CVE. When the crash handler can still read them, the block also prints the connection ID and the statement that was executing, which identifies the account and the query to review. A hang shows up as a server that still accepts TCP connections but no longer answers queries, which a SELECT 1 health check with a short timeout will catch. Because the attacker already holds valid high-privileged credentials, generic indicators such as repeated failed connection attempts are not specific to this vulnerability; instead review the general or audit log for which privileged accounts were active immediately before each crash. Regular audits of which accounts hold global privileges, and from which hosts, shrink the population that could trigger it.
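The restart-loop check described above, as an added example for this page (not AppSecure's or Oracle's code). It parses MySQL 8 error-log lines, marks each server start as unexpected when no "Shutdown complete" message preceded it, notes whether a "mysqld got signal" block came first, and reports time windows containing repeated unexpected starts. The log excerpt in SAMPLE_LOG is constructed for the example in the MySQL 8 error-log layout; the process IDs and timestamps are invented, and the threshold and window are arbitrary tuning parameters.

```python
"""Flag repeated unexpected mysqld restarts in a MySQL 8 error log.

CVE-2026-35240 manifests as a hang or a frequently repeatable crash, so the
observable signal is a server that keeps restarting without a clean shutdown.
Added example for this page; not AppSecure or Oracle code.
"""
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Tuple

# Constructed sample in the MySQL 8 error-log layout (not a real capture):
# two crash-driven restarts within six minutes, then one planned restart.
SAMPLE_LOG = """\
2026-04-22T03:10:00.000000Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.0.45'  port: 3306
03:14:10 UTC - mysqld got signal 11 ;
2026-04-22T03:14:15.000000Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.0.45) starting as process 2231
2026-04-22T03:14:16.000000Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.0.45'  port: 3306
03:19:40 UTC - mysqld got signal 11 ;
2026-04-22T03:19:45.000000Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.0.45) starting as process 2287
2026-04-22T09:00:00.000000Z 0 [System] [MY-010910] [Server] /usr/sbin/mysqld: Shutdown complete (mysqld 8.0.45)
2026-04-22T09:00:30.000000Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.0.46) starting as process 3102
"""

# MySQL 8 timestamped lines begin with an ISO-8601 UTC stamp; crash blocks do not.
_TS_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})\.\d+Z")
_START_RE = re.compile(r"starting as process (\d+)")


@dataclass
class Restart:
    when: datetime
    pid: int
    unexpected: bool    # no 'Shutdown complete' preceded this start
    after_signal: bool  # a 'mysqld got signal' block preceded this start


def parse_restarts(log_text: str) -> List[Restart]:
    """Walk the log in order and record every server start with its context."""
    restarts: List[Restart] = []
    clean_shutdown = False
    signal_seen = False
    for line in log_text.splitlines():
        if "mysqld got signal" in line:
            signal_seen = True
            continue
        if "Shutdown complete" in line:
            clean_shutdown = True
            continue
        start = _START_RE.search(line)
        stamp = _TS_RE.match(line)
        if start and stamp:
            when = datetime.strptime(stamp.group(1), "%Y-%m-%dT%H:%M:%S")
            restarts.append(Restart(when, int(start.group(1)), not clean_shutdown, signal_seen))
            # Both flags describe the interval before this start; reset them.
            clean_shutdown = False
            signal_seen = False
    return restarts


def find_crash_loops(restarts: List[Restart], threshold: int = 2,
                     window: timedelta = timedelta(minutes=10)) -> List[Tuple[datetime, datetime, int]]:
    """Return (first_start, last_start, count) for windows holding >= threshold unexpected starts.

    Sliding window over unexpected starts only; planned restarts never count.
    """
    unexpected = [r for r in restarts if r.unexpected]
    alerts: List[Tuple[datetime, datetime, int]] = []
    i = 0
    for j, r in enumerate(unexpected):
        while r.when - unexpected[i].when > window:
            i += 1
        count = j - i + 1
        if count >= threshold:
            if alerts and alerts[-1][0] == unexpected[i].when:
                alerts[-1] = (unexpected[i].when, r.when, count)  # extend the same window
            else:
                alerts.append((unexpected[i].when, r.when, count))
    return alerts


if __name__ == "__main__":
    for first, last, n in find_crash_loops(parse_restarts(SAMPLE_LOG)):
        print(f"ALERT: {n} unexpected restarts between {first} and {last}")
```

A crash loop is also what an out-of-memory kill or a bad configuration produces, so treat an alert as the trigger to pull the "mysqld got signal" block (for the connection ID and statement) and the general or audit log for the minutes before each start, not as proof of exploitation. Under systemd with Restart=always the restarts are automatic, which is exactly why the count, not a single crash, is the useful signal.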

AppSecure Threat Intelligence Insight

The presence of CVE-2026-35240 indicates a continuing trend of vulnerabilities in database management systems, particularly those that could lead to denial of service. Security teams should consider this vulnerability in the broader context of application security and database hardening practices.

Organizations should stay informed about the latest security advisories and consider implementing continuous monitoring practices to identify vulnerabilities promptly. Engaging in a penetration testing methodology can also bolster defenses against emerging threats.

Lastly, maintaining a robust incident response plan will help organizations respond effectively to any potential exploitation attempts related to this vulnerability.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
