CVE-2026-44173

Published Jun 12, 2026

Last updated a day ago

CVSS medium 5.0

Overview

Description
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privilege if the FROM clause contained only subqueries. This issue has been patched in versions 10.6.26, 10.11.17, 11.4.11, 11.8.7, and 12.3.2.
Source
security-advisories@github.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
5
Impact score
1.4
Exploitability score
3.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
Severity
MEDIUM

Weaknesses

security-advisories@github.com
CWE-863

Social media

Hype score
Not currently trending

  1. MariaDBに重大な脆弱性(CVE-2026-3494,CVE-2026-44168,CVE-2026-44170,CVE-2026-44171,CVE-2026-44172,CVE-2026-44173) https://t.co/kEjnCL2hEQ #セキュリティ対策Lab #security #securitynews

    @securityLab_jp

    10 Jun 2026

    90 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.