Lucene search
K

4 matches found

OSV
OSV
added 2026/03/10 8:48 a.m.8 views

BIT-MYSQL-CLIENT-2026-3494 MariaDB Server Audit Plugin Comment Handling Bypass

In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen — or hash style comments, the statement is...

5.3CVSS5.8AI score0.00274EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/03/05 6:52 a.m.9 views

SUSE CVE-2026-3494

In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen - or hash style comments, the statement is...

4.3CVSS5.8AI score0.00274EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2026/03/03 6:12 p.m.4 views

CVE-2026-3494

In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen — or hash style comments, the statement is...

5.3CVSS6.5AI score0.00274EPSS
Exploits1
CVE
CVE
added 2026/03/03 6:12 p.m.73 views

CVE-2026-3494

CVE-2026-3494 affects MariaDB Server (audit plugin) up to version 11.8.5. When the audit plugin is enabled and server_audit_events is filtered to QUERY_DCL/QUERY_DDL/QUERY_DML, an authenticated user issuing a SQL statement starting with -- or # may bypass logging, leading to incomplete audit reco...

5.3CVSS6AI score0.00274EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder