Medium severity6.3NVD Advisory· Published Jul 24, 2025· Updated Apr 15, 2026

CVE-2025-8107

Description

In OceanBase's Oracle tenant mode, a malicious user with specific privileges can achieve privilege escalation to SYS-level access by executing carefully crafted commands.

This vulnerability only affects OceanBase tenants in Oracle mode. Tenants in MySQL mode are unaffected.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

News mentions

No linked articles in our index yet.

cvss	0.410
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000