CVE-2026-35549

🗓️ 03 Apr 2026 05:00:18Reported by mitreType

CVE-2026-35549: MariaDB crashes on large packets using caching_sha2_password alloca.

Reporter	Title	Published	Views	Family All 38
ATTACKERKB	CVE-2026-35549	3 Apr 202605:00	–	attackerkb
AlpineLinux	CVE-2026-35549	3 Apr 202605:00	–	alpinelinux
CNNVD	MariaDB Server 安全漏洞	3 Apr 202600:00	–	cnnvd
CVE	CVE-2026-35549	3 Apr 202605:00	–	cve
Debian CVE	CVE-2026-35549	3 Apr 202605:00	–	debiancve
EUVD	EUVD-2026-18595	3 Apr 202606:31	–	euvd
MariaDBUnix	CVE-2026-35549	3 Apr 202605:00	–	mariadbunix
NVD	CVE-2026-35549	3 Apr 202605:16	–	nvd
OSV	BELL-CVE-2026-35549	7 Apr 202606:09	–	osv
OSV	BIT-MARIADB-2026-35549	5 Jun 202605:48	–	osv

[
  {
    "defaultStatus": "unaffected",
    "product": "MariaDB",
    "vendor": "MariaDB",
    "versions": [
      {
        "lessThan": "11.4.10",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "11.8.6",
        "status": "affected",
        "version": "11.5.0",
        "versionType": "semver"
      },
      {
        "lessThan": "12.2.2",
        "status": "affected",
        "version": "12.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
jira	www.jira.mariadb.org/browse/MDEV-38365

03 Apr 2026 05:00Current

CVSS 3.16.5

EPSS0.00058

CWE-789