Critical MySQL Denial of Service Vulnerabilities in Ubuntu 20.04 LTS

Two critical denial of service vulnerabilities were discovered in MySQL affecting Ubuntu 20.04 LTS. The vulnerabilities, identified as CVE-2026-46862 and CVE-2026-46863, allow unauthenticated remote attackers to crash MySQL Router and MySQL Server, respectively. The issues stem from improper handling of TLS protocol upgrade requests and connection authentication. Users of MySQL version 8.0 on Ubuntu 20.04 LTS are particularly at risk. The vulnerabilities were published on June 16, 2026, and have been addressed in the latest security update. Administrators are advised to update their systems to mitigate the risks. The update is available through standard system updates for Ubuntu Pro users. The potential impact includes service disruption for applications relying on MySQL.

Key Points: • Two critical DoS vulnerabilities in MySQL (CVE-2026-46862, CVE-2026-46863) were disclosed. • Unauthenticated remote attackers can exploit these vulnerabilities to crash MySQL Router and Server. • Users of Ubuntu 20.04 LTS with MySQL 8.0 are urged to apply the latest security updates immediately.