CVE-2025-8107

In OceanBase’s Oracle tenant mode, a malicious user with specific privileges can achieve privilege escalation to SYS-level access by executing carefully crafted commands.

This vulnerability only affects OceanBase tenants in Oracle mode. Tenants in MySQL mode are unaffected.

Assigner : security@oceanbase.com

More information : https://github.com/oceanbase/oceanbase/security