How severe is CVE-2025-21534?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2025-21534?

This is classified as CWE-770, which is a common weakness in software security.

CVE-2025-21534 - MEDIUM Severity | CVSS 4.9

Vulnerability Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Performance Schema). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Related Vulnerabilities

CVE-2021-22360

MEDIUM

CVSS:4.9(Medium)

There is a resource management error vulnerability in the verisions V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 of USG9500. An authentication attacker needs to perform specific operations ...

CWE-7702021

CVE-2021-28700

MEDIUM

CVSS:4.9(Medium)

xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set...

CWE-7702021

CVE-2022-22488

MEDIUM

CVSS:4.9(Medium)

IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deleting too many CA certificates in a short period of time. IBM X-Force ID: 2226337.

CWE-7702022

CVE-2023-22819

MEDIUM

CVSS:4.9(Medium)

An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stoppe...

CWE-7702023

CVE-2023-28107

MEDIUM

CVSS:4.9(Medium)

Discourse is an open-source discussion platform. Prior to version 3.0.2 of the `stable` branch and version 3.1.0.beta3 of the `beta` and `tests-passed` branches, a user logged as an administrator can ...

CWE-7702023

CVE-2023-29973

MEDIUM

CVSS:4.9(Medium)

Pfsense CE version 2.6.0 is vulnerable to No rate limit which can lead to an attacker creating multiple malicious users in firewall.

CWE-7702023