Red Hat Product Security released a security advisory (RHSA-2026:20693) addressing 19 unspecified vulnerabilities in MySQL 8.4 packages for Red Hat Enterprise Linux 10. The vulnerabilities affect multiple MySQL components such as InnoDB, Information Schema, Group Replication Plugin, Optimizer, DML, and JSON. Each vulnerability is identified by a CVE number (e.g., CVE-2026-21998, CVE-2026-22001, CVE-2026-34271, among others). The advisory classifies the overall security impact as moderate. No CVSS scores are provided in the advisory, and no known exploits in the wild have been reported. The advisory includes references to Red Hat's update instructions and package details. The vulnerabilities are addressed through updated MySQL 8.4 packages available for affected Red Hat Enterprise Linux 10 variants and CodeReady Linux Builder.

The vulnerabilities affect core MySQL components and could potentially impact database integrity, availability, or confidentiality depending on exploitation, but the advisory does not specify exact impacts or exploitation details. The overall security impact is rated moderate by Red Hat Product Security. There are no known exploits in the wild at the time of the advisory.

A security update for mysql8.4 is available for Red Hat Enterprise Linux 10 and related CodeReady Linux Builder variants. Users should apply the update following Red Hat's official guidance at https://access.redhat.com/articles/11258. Since the advisory is an official Red Hat security update, applying the provided patches is the recommended remediation. Patch status is confirmed as available. No additional mitigation steps are indicated in the advisory.