mariadb

414 tracked vulnerabilities.

CVE-2026-35549 MEDIUM
MariaDB <11.4.10, 11.5-11.8.5, 12-12.2.1 - DoS
Apr 03, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-32710 HIGH
Heap-based Buffer Overflow in MariaDB
Mar 20, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-3494 MEDIUM
MariaDB <=11.8.5 - Audit Log Bypass
Mar 03, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-13699 HIGH
MariaDB >= 11.8.3 - Remote Code Execution via Directory Traversal in mariadb-dump Utility
Dec 23, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-56404 HIGH
MariaDB MCP 0.1.0 - Unauthenticated Sensitive Information Exposure via SSE Service
Sep 10, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-27766 MEDIUM
MariaDB 11.1 - Remote Code Execution via lib_mysqludf_sys.so Function
Oct 17, 2024
CVSS 5.7
EPSS 0.30
CVE-2023-52971 MEDIUM
MariaDB Server <11.5 - Info Disclosure
Mar 08, 2025
CVSS 4.9
EPSS 0.00
CVE-2023-52970 MEDIUM
MariaDB Server <11.5 - Info Disclosure
Mar 08, 2025
CVSS 4.9
EPSS 0.00
CVE-2023-52969 MEDIUM
MariaDB Server <11.1.* - Info Disclosure
Mar 08, 2025
CVSS 4.9
EPSS 0.00
CVE-2023-52968 MEDIUM
MariaDB Server <10.4.33-11.1.4 - Crash
Mar 08, 2025
CVSS 4.9
EPSS 0.00
CVE-2023-39593 MEDIUM
MariaDB - Authenticated Command Injection via sys_exec Function
Oct 17, 2024
CVSS 5.6
EPSS 0.01
CVE-2023-26785 CRITICAL
MariaDB 10.5 - Remote Code Execution via UDF Shared Object File
Oct 17, 2024
CVSS 9.8
EPSS 0.63
CVE-2023-22084 MEDIUM
MySQL Server <8.0.34, <5.7.44 - DoS
Oct 17, 2023
CVSS 4.9
EPSS 0.07
CVE-2023-5157 HIGH
MariaDB < 10.3.36 - Denial of Service via OpenVAS Port Scan
Sep 27, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-40354 MEDIUM
MariaDB MaxScale < 2.5.28 - Cleartext Storage of Sensitive Information in Configuration File
Aug 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-47015 MEDIUM
MariaDB Server <10.3.34-10.9.3 - DoS
Jan 20, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-21595 MEDIUM
MySQL Server <= 5.7.36 and <= 8.0.27 - Authenticated Denial of Service in C API
Oct 18, 2022
CVSS 4.4
EPSS 0.00
CVE-2022-38791 MEDIUM
MariaDB 10.3.0-10.3.35 - Denial of Service via Deadlock in compress_write
Aug 27, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-32091 HIGH
MariaDB 10.3.0-10.3.35 - Use-After-Free in memset Interceptor
Jul 01, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-32089 HIGH
MariaDB 10.4.0-10.4.25 - Denial of Service via st_select_lex_unit::exclude_level
Jul 01, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-32088 HIGH
MariaDB 10.2.0-10.2.43 - Denial of Service via Exec_time_tracker Filesort
Jul 01, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-32087 HIGH
MariaDB 10.3.0-10.3.34 - Denial of Service via Item_args::walk_args
Jul 01, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-32086 HIGH
MariaDB 10.4.0-10.4.24 - Denial of Service via Item_field::fix_outer_field
Jul 01, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-32085 HIGH
MariaDB 10.2.0-10.2.43 - Denial of Service via Item_func_in::cleanup
Jul 01, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-32084 HIGH
MariaDB 10.3.0-10.3.35 - Denial of Service via sub_select Component
Jul 01, 2022
CVSS 7.5
EPSS 0.00
Products
mariadb 405 MariaDB 6 connector\/c 1 maxscale 1 model_context_protocol 1 server 1
Quick Filters
Critical CVEs With Exploits In CISA KEV