CVE-2026-34278 Affecting mysql:8.0/mecab package, versions <0:0.996-2.module_el8.10.0+3965+b415b607


Severity

Recommended
0.0
medium
0
10

Based on AlmaLinux security rating.

Threat Intelligence

EPSS
0.32% (24th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-ALMALINUX8-MYSQL-17353786
  • published17 Jun 2026
  • disclosed4 Jun 2026

Introduced: 4 Jun 2026

NewCVE-2026-34278  (opens in a new tab)

How to fix?

Upgrade AlmaLinux:8 mysql:8.0/mecab to version 0:0.996-2.module_el8.10.0+3965+b415b607 or higher.
This issue was patched in ALSA-2026:25919.

NVD Description

Note: Versions mentioned in the description apply only to the upstream mysql:8.0/mecab package and not the mysql:8.0/mecab package as distributed by AlmaLinux. See How to fix? for AlmaLinux:8 relevant fixed versions and status.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVSS Base Scores

version 3.1