CVE-2025-21490 - Vulnerability Details

Threat entity extracted from intelligence sources

Frequency
3
occurrences
First Seen
December 19, 2025
Last Seen
February 18, 2026

CVE-2025-21490 is a vulnerability tracked across 2 threat clusters and 3 intelligence report mentions on ThreatCluster. First observed December 19, 2025; most recent activity February 18, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • CVE-2025-21490 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). — Api.Msrc.Microsoft · February 18, 2026
  • SUSE: MariaDB Important Security Update Advisory 2025:4491-1 CVE-2023 — Linuxsecurity · December 19, 2025
  • openSUSE: mariadb Important Network Access Issues Advisory 2025:4491 — Linuxsecurity · December 19, 2025

CVSS v3.1 Breakdown