CVE-2026-48773

Summary of CVE-2026-48773 : ProxySQL (versions 2.0.18–3.0.8) contains a pre-authentication heap memory corruption in the MySQL/PostgreSQL protocol first-read paths. A remote, unauthenticated client can declare an oversized first packet length, and ProxySQL passes that attacker-controlled length t...

CVE-2026-48773 ProxySQL pre-auth heap overflow in MySQL and PostgreSQL first-packet handling

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. Versions 2.0.18 through 3.0.8 have a pre-authentication heap memory corruption vulnerability in the MySQL and PostgreSQL protocol first-read paths. A remote unauthenticated client can declare an oversized first packet length, and...

PT-2026-51016

Name of the Vulnerable Software and Affected Versions ProxySQL versions 2.0.18 through 3.0.8 Description ProxySQL contains a pre-authentication heap memory corruption issue within the MySQL and PostgreSQL protocol first-read paths. A remote unauthenticated client can trigger this by declaring an...

openSUSE 16 Security Update : wireshark (openSUSE-SU-2026:20685-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20685-1 advisory. This update for wireshark fixes the following issues - CVE-2026-3201: missing limit checks in USB HID protocol dissector's parsereportdescriptor...

CVE-2026-6524

A flaw was found in Wireshark, a widely used network protocol analyzer. A remote attacker could exploit a vulnerability within the MySQL protocol dissector, the part of the software that interprets MySQL network communications. This could lead to a denial of service, causing the Wireshark...

SUSE CVE-2026-6524

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

UBUNTU-CVE-2026-6524

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

EUVD-2026-26332

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6524

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6524

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

Linux Distros Unpatched Vulnerability : CVE-2026-6524

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CVE-2026-6524 Note that Nessus relies on the presence of...

Oracle MySQL Server 9.x.x < 9.6.0 (January 2026 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Packaging. Supported versions that are affected are 8.0.0-8.0.44,...

Oracle MySQL Server 8.4.x < 8.4.8 (January 2026 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Docker Images SQLite. Supported versions that are affected are...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL protocol...

The vulnerability of the InnoDB component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL protocol...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL protocol...

Vulnerability of the Server component: The Oracle MySQL Server database management system’s DDL functions allow attackers to cause service interruptions.

Vulnerability of the Server component: The DDL system for managing databases in Oracle MySQL Server has vulnerabilities related to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to cause service interruptions using the MySQL protocol...

Vulnerability of the Server component: The Oracle MySQL Server database management system, which allows attackers to cause service interruptions.

The vulnerability of the Oracle MySQL Server database management system’s component exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL protocol...

The vulnerability of the InnoDB component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL protocol...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...