Thank you for submitting this issue! The Ubuntu Security team is currently working to submit a CVE for this, and should be fixed in stable releases soon.
Meanwhile I believe the best way forward for mysql-8.4 in the Ubuntu devel release and mysql-8.0 in Debian Sid is to match mariadb with the use of unix sockets for new installations. I will release a fix for that ASAP.
