The latest mysql56-server in ports is 5.6.45 which is vulnerable.
Is this going to be EoL'd?
I don't see any notification for mysql56 on https://www.mysql.com/support/eol-notice.html
I see no reference to a security issue in 5.6.46 release notes 
However, they are mentioned in a reference in the VuXML entry:
@Mahdi Could you prioritize this update? These vulnerabilities were announced October 2019
Note: VuXML entry added 02 Nov 2019 in ports r516329
the maintainer is unfortunately very busy at the moment, and I am currently taking over his work with his approval.
landed in r521874