Product Release Advisory - VMware Tanzu for MySQL on Kubernetes 2.0.3

Product/Component

VMware Tanzu Data Intelligence

7 more products

Notification Id

37452

Last Updated

07 May 2026

Initial Publication Date

07 May 2026

Status

CLOSED

Severity

CRITICAL

CVSS Base Score

9.8

WorkAround

Affected CVE

Product Release Advisory

Advisory ID:	TNZ-2026-0269
Severity:
Issue Date:	2026-05-06
Updated on:
Synopsis	Many critical & high vulnerabilities were found in MySQL for Kubernetes 2.0.2, which is addressed in MySQL for Kubernetes 2.0.3

Product Version Release Advisory

VMware Tanzu for MySQL on Kubernetes 2.0.3

https://techdocs.broadcom.com/us/en/vmware-tanzu/data-solutions/tanzu-for-mysql-on-kubernetes/2-0/vmware-mysql-k8s/cve.html

Security Fixes

This release has the following security fixes, listed by component and area.

Component

Vulnerabilities Resolved

MySQL 2.0.2, fixed in MySQL 2.0.3

CVE-2026-27143 (critical)
CVE-2026-27140 (high)
CVE-2026-33810 (high)
CVE-2026-6100 (high)
CVE-2026-32281 (high)
CVE-2026-5121 (high)
CVE-2026-32280 (high)
CVE-2026-25679 (high)
CVE-2026-27135 (high)
CVE-2026-4424 (high)
CVE-2026-32283 (high)
CVE-2026-4786 (high)
CVE-2026-4519 (high)
CVE-2026-27144 (high)
GHSA-r4pg-vg54-wxx4 (medium)
CVE-2026-4878 (medium)
CVE-2026-32282 (medium)
CVE-2026-32289 (medium)
CVE-2026-27142 (medium)
CVE-2026-32288 (medium)
GHSA-m5vv-6r4h-3vj9 (medium)
CVE-2025-10158 (medium)
CVE-2026-27139 (low)

History

2026-05-06: Initial vulnerability report published.

Contact

E-mail: [email protected]

VMware Tanzu Security Advisories: tanzu.vmware.com/security