Percona Server for MySQL 8.4.10-10 has been released
Percona Server for MySQL 8.4.10-10 has been released on Tuesday, June 30, 2026.
Try it out using the Quickstart guide.
Percona Server for MySQL 8.4.10-10
Percona Server for MySQL 8.4.10-10 introduces the following new features and improvements:
-
Integrates the new Key Management Interoperability Protocol (KMIP) library into the key management component.
-
Enhances Thread Pool statistics by adding new status variables for queue monitoring and wait time analysis. Reports the number of requests waiting in normal and high-priority queues, the number of requests not yet entered into a queue, and aggregate queue wait time statistics, including average, minimum, maximum, and standard deviation wait times.
-
Adds JSONL (JSON Lines) output format for Audit Log Filter.
-
Increases the verbosity of the data dictionary upgrade process, making it easier to diagnose issues that occur during upgrade.
-
Logs SQL statements for the Audit Log Filter
table_accessclass and thereadandinsertsubclasses. -
Flushes the audit log buffer on server shutdown when the
ASYNCHRONOUSlogging strategy is in use, preventing the loss of buffered events. -
Reduces memory pressure in the Audit Log Filter component caused by VFS buffering.
-
Aligns the
audit_log_filter.format=NEWoutput between the 8.0 plugin and the 8.4 component. -
Optimizes performance for
mem_root_deque.
MySQL 8.4.10
Improvements and bug fixes introduced by Oracle for MySQL 8.4.10 and included in Percona Server for MySQL are the following:
-
Connection attribute parsing could read a length-encoded size field before verifying that the complete field was present in the packet, leading to an out-of-bounds read. A size check is now performed before reading the field. (Bug #39116965)
-
A regression in row size estimation for
ROW_FORMAT=COMPRESSEDtables could causeCREATE TABLEto fail withRow size too largefor tables that were accepted in earlier releases. (Bug #39129182, Bug #120323) -
Under certain circumstances, when calculating the maximum possible index record size, an assertion failure could occur. (Bug #85060, Bug #25579578)
Find the complete list of bug fixes and changes in the MySQL 8.4.10 release notes .
Security updates
This release addresses the following security vulnerabilities:
-
CVE-2026-46850: A vulnerability in MySQL Shell (Shell for VS Code) allows a low-privileged attacker with network access via HTTP to compromise MySQL Shell, with potential scope change impact on additional products (CVSS 3.1 Base Score 9.9).
-
CVE-2026-46860: A vulnerability in MySQL Router allows an unauthenticated attacker with network access via HTTP to compromise MySQL Router (CVSS 3.1 Base Score 9.8).
-
CVE-2026-46861: A vulnerability in MySQL NDB Cluster (NDB Operator) allows a low-privileged attacker with network access via HTTP to access or modify critical data, with potential scope change impact (CVSS 3.1 Base Score 9.6).
-
CVE-2026-46862: A vulnerability in MySQL Router allows an unauthenticated attacker with network access via TLS to cause a hang or repeatable unexpected exit of MySQL Router (CVSS 3.1 Base Score 7.5).
-
CVE-2026-46863: A vulnerability in MySQL Server connection handling allows an unauthenticated attacker with network access via multiple protocols to cause a hang or repeatable unexpected exit of the server (CVSS 3.1 Base Score 7.5).
-
CVE-2026-46869: A vulnerability in MySQL Shell (Dump and Load) allows an unauthenticated attacker with network access to access critical data when user interaction is required (CVSS 3.1 Base Score 6.5).
-
CVE-2026-46870: A vulnerability in MySQL Shell (Shell for VS Code) allows a low-privileged attacker with network access to compromise MySQL Shell, with potential scope change impact (CVSS 3.1 Base Score 8.5).
-
CVE-2026-46871: A vulnerability in MySQL Shell (Shell for VS Code) allows a low-privileged attacker with network access via multiple protocols to access critical data (CVSS 3.1 Base Score 6.5).
Builds and packaging
-
Percona Server for MySQL releases include a mixture of PGO and non-PGO builds. Where Profile-Guided Optimization (PGO) is enabled, the compiler uses runtime profiling data from representative workloads to guide optimization, which can improve throughput and reduce latency compared with non-PGO builds.
-
See Profile-Guided Optimization (PGO) and non-PGO builds for benefits, considerations, and which build you receive for your platform.
Learn more in Percona Server for MySQL 8.4.10-10 release notes.