Akkadian Provisioning Manager - Information Disclosure

Akkadian Provisioning Manager is susceptible to information disclosure. The restricted shell provided can be escaped by abusing the Edit MySQL Configuration command. This command launches a standard VI editor interface which can then be escaped. id: CVE-2021-31581 info: name: Akkadian Provisionin...

CVE-2026-46446

SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...

Security update for mariadb

This update for mariadb fixes the following issues: CVE-2026-3494: audit plugin comment handling bypass bsc1259176. CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side bsc1266442. CVE-2026-44170: argument...

SUSE-SU-2026:2284-1 Security update for mariadb

This update for mariadb fixes the following issues: - CVE-2026-3494: audit plugin comment handling bypass bsc1259176. - CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. - CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side bsc1266442. - CVE-2026-44170:...

Security update for mariadb

This update for mariadb fixes the following issues: Security fixes: CVE-2026-3494: audit plugin comment handling bypass bsc1259176. CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side bsc1266442. CVE-2026-44170: argument injection in CONNECT REST Xcurl on Windows via unsanitized...

BIT-MYSQL-CLIENT-2026-35549

An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the cachingsha2password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256cryptr uses allo...

BIT-MARIADB-MIN-2026-35549

An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the cachingsha2password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256cryptr uses allo...

BIT-MARIADB-2026-35549

An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the cachingsha2password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256cryptr uses allo...

RockyLinux 10 : galera and mariadb11.8 (RLSA-2026:19021)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19021 advisory. MariaDB: MariaDB: Remote Code Execution or Denial of Service via JSONSCHEMAVALID function vulnerability CVE-2026-32710 Tenable has extracted the preceding...

PT-2026-46038

These are all security issues fixed in the libmariadbd-devel-11.8.8-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-48188

An improper Input Validation vulnerability in OTRS or OTRS Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NOBACKSLASHESCAPES SQL mode...

FreeBSD : MariaDB -- Multiple vulnerabilities (2eb8a9ab-5b5d-11f1-8607-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2eb8a9ab-5b5d-11f1-8607-8447094a420f advisory. The MariaDB project reports: Multiple vulnerabilities in MariaDB Cluster Galera Tenable has...

RLSA-2026:19021 Moderate: galera and mariadb11.8 security update

MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...

galera and mariadb11.8 security update

An update is available for mariadb11.8, galera. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a community developed fork from MySQL - a multi-user,...

ROS-20260529-73-0025

The vulnerability of the JSONSCHEMAVALID function in the MariaDB database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions and execute arbitrary code by sending a specially crafted JSON file...

ROS-20260529-73-0026

The vulnerability of the JSONSCHEMAVALID function in the MariaDB database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions and execute arbitrary code by sending a specially crafted JSON file...

PT-2026-45148

These are all security issues fixed in the libmariadbd-devel-11.8.7-1.1 package on the GA media of openSUSE Tumbleweed...

RLSA-2026:19182 Moderate: mariadb:11.8 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: MariaDB: MariaDB: Remote Code Execution or Denial of Service via JSONSCHEMAVALID function vulnerability CVE-2026-32710 For more details about the security issues, including the impact...

mariadb:11.8 security update

An update is available for module.galera, module.mariadb, mariadb, galera. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a multi-user, multi-threade...

MariaDB -- Multiple vulnerabilities

The MariaDB project reports: Multiple vulnerabilities in MariaDB Cluster Galera...