Red Hat Product Errata RHSA-2026:20693 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20693 - Security Advisory Overview Updated Packages Synopsis Moderate: mysql8.4 security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for mysql8.4 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fix(es): mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-22004) mysql: Information Schema unspecified vulnerability (CPU Apr 2026) (CVE-2026-22001) mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) (CVE-2026-34271) mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22009) mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-35237) mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-21998) mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22005) mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-35238) mysql: DML unspecified vulnerability (CPU Apr 2026) (CVE-2026-35239) mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22002) mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-35236) mysql: JSON unspecified vulnerability (CPU Apr 2026) (CVE-2026-34308) mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-34303) mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-35240) mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22017) mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-34304) mysql: Information Schema unspecified vulnerability (CPU Apr 2026) (CVE-2026-22015) mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) (CVE-2026-34276) mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) (CVE-2026-34270) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.2 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.2 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x Fixes BZ - 2460274 - CVE-2026-22004 mysql: InnoDB unspecified vulnerability (CPU Apr 2026) BZ - 2460275 - CVE-2026-22001 mysql: Information Schema unspecified vulnerability (CPU Apr 2026) BZ - 2460276 - CVE-2026-34271 mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) BZ - 2460279 - CVE-2026-22009 mysql: Optimizer unspecified vulnerability (CPU Apr 2026) BZ - 2460295 - CVE-2026-35237 mysql: InnoDB unspecified vulnerability (CPU Apr 2026) BZ - 2460312 - CVE-2026-21998 mysql: Optimizer unspecified vulnerability (CPU Apr 2026) BZ - 2460315 - CVE-2026-22005 mysql: Optimizer unspecified vulnerability (CPU Apr 2026) BZ - 2460316 - CVE-2026-35238 mysql: InnoDB unspecified vulnerability (CPU Apr 2026) BZ - 2460323 - CVE-2026-35239 mysql: DML unspecified vulnerability (CPU Apr 2026) BZ - 2460324 - CVE-2026-22002 mysql: Optimizer unspecified vulnerability (CPU Apr 2026) BZ - 2460325 - CVE-2026-35236 mysql: InnoDB unspecified vulnerability (CPU Apr 2026) BZ - 2460326 - CVE-2026-34308 mysql: JSON unspecified vulnerability (CPU Apr 2026) BZ - 2460329 - CVE-2026-34303 mysql: Optimizer unspecified vulnerability (CPU Apr 2026) BZ - 2460335 - CVE-2026-35240 mysql: Optimizer unspecified vulnerability (CPU Apr 2026) BZ - 2460342 - CVE-2026-22017 mysql: Optimizer unspecified vulnerability (CPU Apr 2026) BZ - 2460344 - CVE-2026-34304 mysql: InnoDB unspecified vulnerability (CPU Apr 2026) BZ - 2460348 - CVE-2026-22015 mysql: Information Schema unspecified vulnerability (CPU Apr 2026) BZ - 2460356 - CVE-2026-34276 mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) BZ - 2460358 - CVE-2026-34270 mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) RHEL-130029 - mysqld doesn't start in image mode due to missing/invalid user CVEs CVE-2026-21998 CVE-2026-22001 CVE-2026-22002 CVE-2026-22004 CVE-2026-22005 CVE-2026-22009 CVE-2026-22015 CVE-2026-22017 CVE-2026-34270 CVE-2026-34271 CVE-2026-34276 CVE-2026-34303 CVE-2026-34304 CVE-2026-34308 CVE-2026-35236 CVE-2026-35237 CVE-2026-35238 CVE-2026-35239 CVE-2026-35240 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM mysql8.4-8.4.9-1.el10_2.src.rpm SHA-256: 31edd2d67cb4eadc39995087e4b21c3a46915959d509db294cd76b811d914459 x86_64 mysql8.4-8.4.9-1.el10_2.x86_64.rpm SHA-256: 6c43f6ec931368aaec3cdc79e4d6b86b38412e0dd64aee7767b0901a237097e5 mysql8.4-common-8.4.9-1.el10_2.noarch.rpm SHA-256: 632d4a806357396327f38c6ffe807e67fd42478705519b691ac36b30f404a1e1 mysql8.4-debuginfo-8.4.9-1.el10_2.x86_64.rpm SHA-256: a64ced435b09b13b683ee05d21c0d5db04b21df93b49fb9979f2f159837592f1 mysql8.4-debugsource-8.4.9-1.el10_2.x86_64.rpm SHA-256: 711bfd101195376bbc6708461a06a0613fa8e484d3f803a563a22182f7792db2 mysql8.4-devel-debuginfo-8.4.9-1.el10_2.x86_64.rpm SHA-256: 02f7a9f9ad0b5143e6a3e0443ed3184ce7d96d01976b18da5a0a093eeef23ab9 mysql8.4-errmsg-8.4.9-1.el10_2.noarch.rpm SHA-256: b32c45201363bfcfafd5c7309d0579ed8cad1e94a5ebb3ba947497b7b5bda202 mysql8.4-libs-8.4.9-1.el10_2.x86_64.rpm SHA-256: 60cde53e325d6db499d09410001f973034a17ecd32aeeca472bc4bc080c48eb5 mysql8.4-libs-debuginfo-8.4.9-1.el10_2.x86_64.rpm SHA-256: fa2497e72a5d3616c623c75d538dba7a408205acb3e34801c52fc92ccf4d39de mysql8.4-server-8.4.9-1.el10_2.x86_64.rpm SHA-256: 604723c6b3c2d59797e699f008fe2bcf448f4464cf633a2b9f31f8aacbdb0d98 mysql8.4-server-debuginfo-8.4.9-1.el10_2.x86_64.rpm SHA-256: 55c09a4b0cb651cfee009c95c076f0881af8f38cacd2723e362eb8a12cc77613 mysql8.4-test-debuginfo-8.4.9-1.el10_2.x86_64.rpm SHA-256: 9d0524bdc3b82d8327e75b415048c324cca2ce711155f1cd0dade91157170cf3 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 SRPM mysql8.4-8.4.9-1.el10_2.src.rpm SHA-256: 31edd2d67cb4eadc39995087e4b21c3a46915959d509db294cd76b811d914459 x86_64 mysql8.4-8.4.9-1.el10_2.x86_64.rpm SHA-256: 6c43f6ec931368aaec3cdc79e4d6b86b38412e0dd64aee7767b0901a237097e5 mysql8.4-common-8.4.9-1.el10_2.noarch.rpm SHA-256: 632d4a806357396327f38c6ffe807e67fd42478705519b691ac36b30f404a1e1 mysql8.4-debuginfo-8.4.9-1.el10_2.x86_64.rpm SHA-256: a64ced435b09b13b683ee05d21c0d5db04b21df93b49fb9979f2f159837592f1 mysql8.4-debugsource-8.4.9-1.el10_2.x86_64.rpm SHA-256: 711bfd101195376bbc6708461a06a0613fa8e484d3f803a563a22182f7792db2 mysql8.4-devel-debuginfo-8.4.9-1.el10_2.x86_64.rpm SHA-256: 02f7a9f9ad0b5143e6a3e0443ed3184ce7d96d01976b18da5a0a093eeef23ab9 mysql8.4-errmsg-8.4.9-1.el10_2.noarch.rpm SHA-256: b32c45201363bfcfafd5c7309d0579ed8cad1e94a5ebb3ba947497b7b5bda202 mysql8.4-libs-8.4.9-1.el10_2.x86_64.rpm SHA-256: 60cde53e325d6db499d09410001f973034a17ecd32aeeca472bc4bc080c48eb5 mysql8.4-libs-debuginfo-8.4.9-1.el10_2.x86_64.rpm SHA-256: fa2497e72a5d3616c623c75d538dba7a408205acb3e34801c52fc92ccf4d39de mysql8.4-server-8.4.9-1.el10_2.x86_64.rpm SHA-256: 604723c6b3c2d59797e699f008fe2bcf448f4464cf633a2b9f31f8aacbdb0d98 mysql8.4-server-debuginfo-8.4.9-1.el10_2.x86_64.rpm SHA-256: 55c09a4b0cb651cfee009c95c076f0881af8f38cacd2723e362eb8a12cc77613 mysql8.4-test-debuginfo-8.4.9-1.el10_2.x86_64.rpm SHA-256: 9d0524bdc3b82d8327e75b415048c324cca2ce711155f1cd0dade91157170cf3 Red Hat Enterprise Linux for IBM z Systems 10 SRPM mysql8.4-8.4.9-1.el10_2.src.rpm SHA-256: 31edd2d67cb4eadc39995087e4b21c3a46915959d509db294cd76b811d914459 s390x mysql8.4-8.4.9-1.el10_2.s390x.rpm SHA-256: 2b1a896681bf5d3004a5549fdb64