PatchSiren

MariaDB CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH MariaDB CVE published 2026-06-12

CVE-2026-48165

A high-privileged MariaDB user could use the wsrep_sst_receive_address or wsrep_sst_donor global system variables to execute shell commands as the uid of the mariadbd process on the Galera joiner node. This issue affects MariaDB server versions from 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1. The issue has been patched in versions 10.6.2 [truncated]

HIGH MariaDB CVE published 2026-06-12

CVE-2026-48163

CVE-2026-48163 is a high-severity vulnerability in MariaDB server, a community-developed fork of MySQL server. The vulnerability affects versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1. During SST (State Snapshot Transfer, the Galera mechanism that copies a full data set from a donor node to a joining node), the donor node interpolates parameters sent by the joiner into a command line. However, [truncated]

MEDIUM MariaDB CVE published 2026-06-12

CVE-2026-44173

CVE-2026-44173 is a vulnerability in MariaDB server, a community-developed fork of MySQL server. In versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privilege when the FROM clause contained only subqueries. This issue has been patched [truncated]

MEDIUM MariaDB CVE published 2026-06-12

CVE-2026-44172

A SQL injection vulnerability was discovered in MariaDB Connector/C, the client library that implements mysql_real_escape_string(), in versions 3.3.18 and 3.4.8 (the 3.x numbers are Connector/C releases, not server releases). An application that took non-validated user input, escaped it with mysql_real_escape_string(), and sent it to the database over the text protocol with the big5 character set was vulnerable to SQL injection. This issue was patched in versions 3.3.19 and 3.4.9.

MEDIUM MariaDB CVE published 2026-06-12

CVE-2026-44171

CVE-2026-44171 is a path traversal vulnerability in MariaDB server, a community-developed fork of MySQL server. The vulnerability affects versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1. The issue arises because the mbstream component (the stream unpacker shipped with mariabackup) does not check for /../ in file paths when unpacking an archive, potentially allowing a specially craft [truncated]

MEDIUM MariaDB CVE published 2026-06-12

CVE-2026-44170

CVE-2026-44170 is a medium-severity vulnerability in MariaDB server versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1. The vulnerability occurs on Windows installations with the CONNECT engine and REST support enabled. An attacker can exploit this vulnerability to execute shell commands on the server by interpolating the table HTTP [truncated]

MEDIUM MariaDB CVE published 2026-06-12

CVE-2026-44169

CVE-2026-44169 is a vulnerability in MariaDB server, a community-developed fork of MySQL server. The issue affects versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1. A user who gains EXECUTE access to a stored routine via a role can view the routine definition, even without having the SHOW CREATE ROUTINE privilege. This vulnerability has been patched in versions 11.4.11, 11.8.7, and 12.3.2.

HIGH MariaDB CVE published 2026-06-12

CVE-2026-44168

CVE-2026-44168 is a high-severity vulnerability in MariaDB server, allowing a malicious joiner to execute arbitrary shell commands on the donor side via the mariabackup SST method. The vulnerability affects MariaDB server versions from 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1. The issue has been patched in versions 10.6.26, 10.11.1 [truncated]

CRITICAL MariaDB CVE published 2026-06-11

CVE-2026-49261

CVE-2026-49261 is a critical vulnerability in MariaDB server, a community-developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_cmd` enabled would execute shell commands embedded in the name of the joiner node. This is fixed in 10.6.27, 10.11.18, 11.4.12, 11.8.8, and 12.3.2. As a workaround, a [truncated]
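The eight MariaDB server entries above share two sets of version bounds (one set first fixed at 10.6.26, 10.11.17, 11.4.11 and 11.8.7; the other at 10.6.27, 10.11.18, 11.4.12 and 11.8.8; CVE-2026-44169 covers only 11.4, 11.8 and 12.3). The following is an added example, not PatchSiren's own tooling, that turns those bounds into an "am I affected" check against the string SELECT VERSION() returns. The ranges are transcribed from the "X to before Y" and "X through Y" wording of the entries; a bare "12.3.1" is treated as that single version, and the fix versions that the entries list only in truncated form are not used. CVE-2026-44172 is left out because its 3.3.x/3.4.x numbers follow a different versioning scheme from the server series. The function names are made up for the example.

```python
# Added example: version-range check built from the bounds stated in the
# MariaDB entries above. Not PatchSiren's or MariaDB's code.
import re

Version = tuple[int, ...]


def parse_version(s: str) -> Version:
    """'10.11.17-MariaDB-log' (as SELECT VERSION() returns) -> (10, 11, 17)."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", s)
    if not m:
        raise ValueError(f"unrecognised MariaDB version string: {s!r}")
    return tuple(int(x) for x in m.groups())


def ranges(*first_fixed: str) -> list[tuple[Version, Version]]:
    """Half-open [first affected, first fixed) spans, one per release series.
    Every series on this page is listed as affected from its .1 release."""
    spans = []
    for f in first_fixed:
        fx = parse_version(f)
        spans.append(((fx[0], fx[1], 1), fx))
    return spans


# Bounds copied from the entries; "12.3.1" alone becomes [12.3.1, 12.3.2).
OLDER = ranges("10.6.26", "10.11.17", "11.4.11", "11.8.7", "12.3.2")
NEWER = ranges("10.6.27", "10.11.18", "11.4.12", "11.8.8", "12.3.2")

AFFECTED = {
    "CVE-2026-48165": NEWER,
    "CVE-2026-48163": NEWER,
    "CVE-2026-44173": OLDER,
    "CVE-2026-44171": OLDER,
    "CVE-2026-44170": OLDER,  # only Windows with CONNECT + REST; flagged by version alone
    "CVE-2026-44169": ranges("11.4.11", "11.8.7", "12.3.2"),
    "CVE-2026-44168": OLDER,
    "CVE-2026-49261": NEWER,
}


def series_known(version_string: str) -> bool:
    """True if the major.minor series appears in any range on this page."""
    v = parse_version(version_string)
    return any(lo[:2] == v[:2] for spans in AFFECTED.values() for lo, _ in spans)


def affected_by(version_string: str) -> list[str]:
    """CVE IDs from this page whose stated ranges contain the given version."""
    v = parse_version(version_string)
    return [cve for cve, spans in AFFECTED.items()
            if any(lo <= v < hi for lo, hi in spans)]


if __name__ == "__main__":
    # Constructed sample inputs in the shape SELECT VERSION() returns.
    for sample in ("10.11.17-MariaDB-log", "11.4.10-MariaDB", "12.3.2-MariaDB",
                   "10.5.29-MariaDB"):
        hits = affected_by(sample)
        note = "" if series_known(sample) else " (series not covered by this page)"
        print(f"{sample}: {', '.join(hits) or 'none'}{note}")
```

The check is by version only: CVE-2026-44170 additionally requires Windows with the CONNECT engine and REST support, and the Galera SST and wsrep_notify_cmd entries require a Galera cluster, so a hit means "patch level is in range", not "configuration is exploitable". A version whose series the page does not list (10.5.x, for instance) returns no hits and is reported as not covered rather than as clean.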

MEDIUM MariaDB CVE published 2017-01-27

CVE-2017-3312

CVE-2017-3312 is a medium-severity vulnerability in the MySQL Server component, specifically the Server: Packaging subcomponent. According to the CVE description, a low-privileged attacker with logon access to the host where MySQL Server runs can compromise the service, but successful exploitation also requires human interaction by another person. NVD maps the issue to Oracle MySQL versions 5.5.53 and ear [truncated]

MEDIUM MariaDB CVE published 2017-01-27

CVE-2017-3257

CVE-2017-3257 is a network-reachable availability issue in the MySQL Server InnoDB component that can let a low-privileged attacker trigger a hang or repeatable crash, resulting in a denial of service. The CVE description calls out Oracle MySQL Server, while the NVD record also maps related MariaDB and Debian CPEs. The issue was published on 2017-01-27 and is not listed as a KEV item in the supplied data.