PatchSiren cyber security CVE debrief
CVE-2026-44171 MariaDB CVE debrief
CVE-2026-44171 is a path traversal vulnerability in MariaDB server, a community-developed fork of MySQL server. The vulnerability affects versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1. The issue arises from the mbstream component not checking for /../ in the path when unpacking an archive, potentially allowing a specially crafted archive to create files outside of the target directory.
- Vendor: MariaDB
- Product: server
- CVSS: MEDIUM 6.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-12
- Original CVE updated: 2026-06-12
- Advisory published: 2026-06-12
- Advisory updated: 2026-06-12
Who should care
Users of MariaDB server versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1 should be aware of this vulnerability and apply the defensive actions listed below to mitigate the risk.
Technical summary
The vulnerability has a CVSS score of 6.3 and is classified as MEDIUM severity. The affected versions of MariaDB server are 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1. The vulnerability is caused by the mbstream component not properly checking for /../ in the path when unpacking an archive.
Defensive priority
MEDIUM
Recommended defensive actions
- Upgrade to MariaDB server versions 10.6.26, 10.11.17, 11.4.11, 11.8.7, or 12.3.2, which have patched this vulnerability.
- Ensure that backups are properly validated and do not contain malicious paths.
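The kind of check the recommendation above calls for, as an added example that is not code from MariaDB, mbstream, or PatchSiren: before any archive entry is written to disk, its name is screened lexically and rejected if it is absolute or would resolve outside the target directory (the class of `/../` path that this CVE describes mbstream failing to reject). The entry names, the target directory and the function names are constructed for illustration and do not reproduce mbstream's own entry format or extraction logic.

```python
import posixpath

# Hypothetical restore directory; any real extractor would take this from its config.
TARGET_DIR = "/var/backup/restore"


def is_contained(entry_name: str, target_dir: str = TARGET_DIR) -> bool:
    """Return True only if an archive entry name stays inside target_dir.

    The check is purely lexical: it normalizes the name and refuses anything
    that is absolute, contains a '..' component after normalization, or
    would not join to a path under target_dir.
    """
    # Empty names, NUL bytes, absolute paths and backslash separators are all
    # rejected outright; an archive has no business carrying them.
    if not entry_name or "\0" in entry_name:
        return False
    if entry_name.startswith(("/", "\\")) or "\\" in entry_name:
        return False

    # Lexical normalization collapses "a/./b" and "a/b/../c"; a leading ".."
    # that survives normalization means the entry escapes the target.
    norm = posixpath.normpath(entry_name)
    if norm == "." or norm == ".." or norm.startswith("../"):
        return False
    if ".." in norm.split("/"):
        return False

    # Defense in depth: the joined, re-normalized path must still be under target_dir.
    target = posixpath.normpath(target_dir)
    full = posixpath.normpath(posixpath.join(target, norm))
    return full == target or full.startswith(target + "/")


def screen_entries(entries):
    """Partition entry names into (accepted, rejected) lists in input order."""
    accepted, rejected = [], []
    for name in entries:
        (accepted if is_contained(name) else rejected).append(name)
    return accepted, rejected


# Constructed sample entry names, not taken from a real backup archive.
SAMPLE_ENTRIES = [
    "backup-my.cnf",
    "mysql/db.opt",
    "test/./t1.ibd",
    "../../etc/cron.d/job",
    "mysql/../../..//tmp/x",
    "/etc/passwd",
    "a/b/../../../z",
]

if __name__ == "__main__":
    ok, bad = screen_entries(SAMPLE_ENTRIES)
    print("accepted:", ok)
    print("rejected:", bad)
```

A lexical check of this kind is necessary but not sufficient: it does not cover an archive that first creates a symlink inside the target directory and then writes a later entry through it, so an extractor should also refuse to follow symlinks when opening destination files (for example by opening with `O_NOFOLLOW` on POSIX) or extract only into a freshly created, empty directory.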
Evidence notes
The CVE record [cve-org] and NVD detail [nvd] provide official information about the vulnerability. Additional references can be found at [ref-4] and [ref-5].
Official resources
CVE-2026-44171 was published on 2026-06-12T18:16:33.983Z and has not been modified since then.