- Description
- MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_cmd` enabled would execute shell commands embedded in the name of the joiner node. This is fixed in 10.6.27, 10.11.18, 11.4.12, 11.8.8, and 12.3.2. As a workaround, anyone who cannot upgrade now should disable `wsrep_notify_cmd`.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- security-advisories@github.com
- CWE-78
- Hype score
- Not currently trending
Top 5 Trending CVEs: 1 - CVE-2026-9366 2 - CVE-2026-42945 3 - CVE-2026-46640 4 - CVE-2026-49261 5 - CVE-2020-0022 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
8 Jun 2026
115 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
MariaDBにCVSSスコア10の脆弱性。CVE-2026-49261は詳細未開示。ほか、CVSSスコア8.0のCVE-2026-48165とCVE-2026-48163も修正されている。 https://t.co/WNIsc4l3ER
@__kokumoto
7 Jun 2026
1344 Impressions
2 Retweets
10 Likes
6 Bookmarks
0 Replies
0 Quotes