CVE-2026-48188

An improper Input Validation vulnerability in OTRS or OTRS Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NOBACKSLASHESCAPES SQL mode...

CVE-2024-47091

Privilege escalation in the mkmysql agent plugin on Windows in Checkmk 2.4.0p29, 2.3.0p47, and 2.2.0 EOL allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' or with write access to a binary referenced by such a service to execute arbitrary cod...

Astra Linux – Vulnerability in Mariadb 10.3

MariaDB version 10.5.13 allows a hamaria::extra application to crash due to certain SELECT statements...

Linux Distros Unpatched Vulnerability : CVE-2026-35549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the cachingsha2password authentication...

MariaDB Server 安全漏洞

MariaDB Server is an open-source relational database system developed by MariaDB. Vulnerabilities existed in versions prior to 11.4.10, as well as in versions 11.5.x to 11.8.x, up to 11.8.6, and 12.x up to 12.2.2. These vulnerabilities were due to a buffer overflow in the cachingsha2password...

A Bootiful Podcast: Java developer advocate Ana-Maria Mihalceanu

I had a wonderful chat with Java Developer Advocate Ana-Maria Mihalceanu about Java Flight Recorder, Project Babylon, Project Panama, and so many other exciting things in the Java ecosystem...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-13699)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-13699 advisory. - MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This...

CVE-2026-22027 CryptoLib Vulnerable to Heap Buffer Overflow in MariaDB SA Hexstring Conversion

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the converthexstringtobytearray function in th...

CVE-2026-22027 CryptoLib Vulnerable to Heap Buffer Overflow in MariaDB SA Hexstring Conversion

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the converthexstringtobytearray function in th...

CVE-2023-52969 affecting package mariadb for versions less than 10.11.15-1

CVE-2023-52969 affecting package mariadb for versions less than 10.11.15-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-14758

Incorrect configuration of replication security in the MariaDB component of the infra-operator in YAOOK Operator allows an on-path attacker to read database contents, potentially including credentials...

RHEL 9 : galera and mariadb (RHSA-2025:19584)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19584 advisory. Galera is a fast synchronous multimaster wsrep provider replication engine for transactional databases and similar applications. For more...

OESA-2025-2379 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to S...

Linux Distros Unpatched Vulnerability : CVE-2023-39593

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insecure permissions in the sysexec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this ...

Malicious code in test-mlw2-ester-maria-preif-bairn (npm)

The package test-mlw2-ester-maria-preif-bairn was found to contain malicious code...

Malicious code in test-mlw2-ergon-orbed-maria-jutty (npm)

The package test-mlw2-ergon-orbed-maria-jutty was found to contain malicious code...

MAL-2025-35290 Malicious code in test-mlw2-ester-maria-preif-bairn (npm)

The package test-mlw2-ester-maria-preif-bairn was found to contain malicious code...

MAL-2025-35283 Malicious code in test-mlw2-ergon-orbed-maria-jutty (npm)

The package test-mlw2-ergon-orbed-maria-jutty was found to contain malicious code...

SUSE CVE-2023-52968

MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fixfieldsifneeded under mysqlderivedprepare when derived is not yet prepared, leading to a findfieldintable crash...

CVE-2023-52968

Disclaimer: This data contains information about vulnerable...