To report security vulnerabilities, please follow our special security policy. Do not report security issues in the public issue tracker.
Security: MariaDB/server
Security
SECURITY.md
-
FILE privilege was not checked for subqueries in the FROM clauseGHSA-667j-m53j-wpmc published
May 18, 2026 by vuvovaModerate -
Argument injection in CONNECT REST Xcurl on Windows via unsanitized URLGHSA-f835-cfjq-wf73 published
May 18, 2026 by vuvovaModerate -
Authorization bypass in role-based routine-level privilege check exposes stored routine definitionsGHSA-22xq-vq3f-87x2 published
May 18, 2026 by vuvovaModerate -
path traversal in mbstreamGHSA-9pjh-5hhw-65v9 published
May 18, 2026 by vuvovaModerate -
wsrep SST unsafe parameter handling on the donor sideGHSA-vwf7-w26c-9w5h published
May 18, 2026 by vuvovaHigh -
mysql_real_escape_string() incorrectly handled big5GHSA-pv9p-5w55-55jm published
May 18, 2026 by vuvovaModerate -
Heap-based Buffer Overflow in MariaDBGHSA-4rj5-2227-9wgc published
Mar 20, 2026 by vuvovaHigh
Learn more about advisories related to MariaDB/server in the GitHub Advisory Database