MariaDB 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は バッファオーバーフロー、vendor risk sql injection, and パス処理の欠陥 に関連することが多く、vendor surface data access and vendor surface data storage の文脈で アプリケーションクラッシュ and vendor impact data exposure などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-35549 | An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the caching_sha2_password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256_crypt_r uses alloca. | [email protected] | 6.5 | 0.05% | 2026-04-03 | 2026-06-02 |
| CVE-2026-32710 | MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Under certain conditions it might be possible to turn the crash into a remote code execution. These conditions require tight control over memory layout which is generally only attainable in a lab environment. This issue is fixed in MariaDB 11.4.10, MariaDB 11.8.6, and MariaDB 12.2.2. | [email protected] | 8.5 | 0.10% | 2026-03-20 | 2026-03-31 |
| CVE-2026-3494 | In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen (—) or hash (#) style comments, the statement is not logged. | ff89ba41-3aa1-4d27-914a-91399e9639e5 | 5.3 | 0.01% | 2026-03-03 | 2026-03-16 |
| CVE-2025-56404 | An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via the SSE service as the SSE service lacks user validation. | [email protected] | 7.5 | 0.05% | 2025-09-10 | 2025-09-17 |
| CVE-2024-27766 | An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. | [email protected] | 5.7 | 30.15% | 2024-10-17 | 2025-07-10 |
| CVE-2023-39593 | Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. | [email protected] | 5.6 | 0.79% | 2024-10-17 | 2025-07-10 |
| CVE-2023-26785 | MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. | [email protected] | 9.8 | 63.02% | 2024-10-17 | 2025-07-10 |
| CVE-2023-22084 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability im | [email protected] | 4.9 | 6.98% | 2023-10-17 | 2025-01-22 |
| CVE-2023-5157 | A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service. | [email protected] | 7.5 | 0.81% | 2023-09-27 | 2025-10-01 |
| CVE-2023-40354 | An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08.8, and 23.02.3. | [email protected] | 6.5 | 0.05% | 2023-08-14 | 2024-11-21 |
| CVE-2022-47015 | MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer. | [email protected] | 6.5 | 0.18% | 2023-01-20 | 2025-04-03 |
| CVE-2022-21595 | Vulnerability in the MySQL Server product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). C | [email protected] | 4.4 | 0.09% | 2022-10-18 | 2024-11-21 |
| CVE-2022-38791 | In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock. | [email protected] | 5.5 | 0.04% | 2022-08-27 | 2024-11-21 |
| CVE-2022-32091 | MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. | [email protected] | 7.5 | 0.21% | 2022-07-01 | 2024-11-21 |
| CVE-2022-32089 | MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level. | [email protected] | 7.5 | 0.10% | 2022-07-01 | 2024-11-21 |
| CVE-2022-32088 | MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort. | [email protected] | 7.5 | 0.25% | 2022-07-01 | 2024-11-21 |
| CVE-2022-32087 | MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args. | [email protected] | 7.5 | 0.95% | 2022-07-01 | 2024-11-21 |
| CVE-2022-32086 | MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field. | [email protected] | 7.5 | 0.09% | 2022-07-01 | 2024-11-21 |
| CVE-2022-32085 | MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor. | [email protected] | 7.5 | 0.16% | 2022-07-01 | 2024-11-21 |
| CVE-2022-32084 | MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select. | [email protected] | 7.5 | 0.21% | 2022-07-01 | 2024-11-21 |