Known Vulnerabilities for products from MariaDB
Listed below are 20 of the newest known vulnerabilities associated with the vendor "MariaDB".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40887 json | Not Provided | 2026-04-21 | 2026-04-22 | |
| CVE-2026-35549 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-32710 json | MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11... | Not Provided | 2026-03-20 | 2026-03-31 |
| CVE-2023-40354 json | An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service"... | 6.5 - MEDIUM | 2023-08-14 | 2023-08-22 |
| CVE-2023-5157 json | A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a... | 7.5 - HIGH | 2023-09-27 | 2023-12-04 |
| CVE-2022-47015 json | MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::pr... | 6.5 - MEDIUM | 2023-01-20 | 2023-11-07 |
| CVE-2022-38791 json | In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write ... | 5.5 - MEDIUM | 2022-08-27 | 2023-11-07 |
| CVE-2022-32091 json | MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sani... | 7.5 - HIGH | 2022-07-01 | 2023-11-07 |
| CVE-2022-32089 json | MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level. | 7.5 - HIGH | 2022-07-01 | 2023-11-07 |
| CVE-2022-32088 json | MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort... | 7.5 - HIGH | 2022-07-01 | 2022-10-26 |
| CVE-2022-32087 json | MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args. | 7.5 - HIGH | 2022-07-01 | 2022-10-26 |
| CVE-2022-32086 json | MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field. | 7.5 - HIGH | 2022-07-01 | 2022-10-25 |
| CVE-2022-32085 json | MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_p... | 7.5 - HIGH | 2022-07-01 | 2022-10-26 |
| CVE-2022-32084 json | MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select. | 7.5 - HIGH | 2022-07-01 | 2023-11-07 |
| CVE-2022-32083 json | MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tra... | 7.5 - HIGH | 2022-07-01 | 2022-10-25 |
| CVE-2022-32082 json | MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc. | 7.5 - HIGH | 2022-07-01 | 2023-11-07 |
| CVE-2022-32081 json | MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/hand... | 7.5 - HIGH | 2022-07-01 | 2023-11-07 |
| CVE-2022-31624 json | MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method ... | 5.5 - MEDIUM | 2022-05-25 | 2023-08-08 |
| CVE-2022-31623 json | MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e... | 5.5 - MEDIUM | 2022-05-25 | 2022-11-05 |
| CVE-2022-31622 json | MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pth... | 5.5 - MEDIUM | 2022-05-25 | 2023-08-08 |
Known software with vulnerabilities from MariaDB
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Mariadb | Connector/c | 2.2.1 |
| Application | Mariadb | Mariadb | - |