Critical Vulnerabilities in MariaDB Affecting openSUSE and SUSE Linux Enterprise Server
Severity: High (Score: 72.8)
Sources: Linuxsecurity
Keywords: mariadb, issues, update, fixes, handling, critical, following
Severity indicators: critical, issue
Summary
Two critical advisories were issued for MariaDB affecting openSUSE and SUSE Linux Enterprise Server. The vulnerabilities include CVE-2026-3494, an audit plugin handling bypass, and CVE-2026-34303, an unspecified optimizer vulnerability. Other notable issues include unsafe parameter handling and path traversal vulnerabilities. The updates address multiple CVEs, including CVE-2026-44168, CVE-2026-44170, CVE-2026-44171, CVE-2026-44172, and CVE-2026-44173. The updates were released on June 5, 2026, and are rated critical. Affected systems include MariaDB installations on both platforms. Administrators are urged to apply the patches immediately to mitigate potential exploitation risks.

Key Points:
- Critical vulnerabilities in MariaDB affect both openSUSE and SUSE Linux Enterprise Server.
- Key CVEs include CVE-2026-3494 and CVE-2026-34303, with multiple other vulnerabilities addressed.
- Patches were released on June 5, 2026, and are rated critical, requiring immediate application.
Detailed Analysis
**Impact**
Users of MariaDB on openSUSE and SUSE Linux Enterprise Server 15 SP6 are affected by multiple critical vulnerabilities. These issues potentially expose database servers to privilege bypass, argument injection, path traversal, and unsafe parameter handling, any of which could lead to unauthorized access or data manipulation. The advisories give no figures on affected sectors, industries, or geographies beyond the environments where these Linux distributions are deployed. Business operations relying on MariaDB for data integrity and availability face increased risk until the updates are applied.

**Technical Details**
The vulnerabilities include CVE-2026-3494 (audit plugin handling bypass), CVE-2026-34303 (MySQL optimizer unspecified vulnerability), CVE-2026-44168 (wsrep SST unsafe parameter handling, per the openSUSE advisory), CVE-2026-44170 (argument injection via unsanitized URL on Windows), CVE-2026-44171 (path traversal in mbstream), CVE-2026-44172 (incorrect handling of big5 encoding), CVE-2026-44173 (missing FILE privilege check in subqueries), CVE-2026-48163, and CVE-2026-48165 (unsafe wsrep SST parameter handling). Attack vectors include unsanitized input leading to injection and path traversal, and unsafe parameter handling in Galera cluster SST processes. No specific malware, tools, or IOCs are mentioned.

**Recommended Response**
Apply the MariaDB security updates SUSE-SU-2026:2282-1 for openSUSE and SUSE-SU-2026:2284-1 for SLES 15 SP6 immediately to mitigate all listed CVEs. Harden configurations related to wsrep SST parameters and audit plugin usage. Monitor database logs for unusual access patterns or injection attempts, especially on Windows hosts running MariaDB. No additional detection rules or IOCs are provided in the advisories.
Source articles (2)
- SUSE Linux Enterprise Server 15 SP6 Critical MariaDB Update 2026-2284 — Linuxsecurity · 2026-06-06
  Excerpt: "This update for mariadb fixes the following issues: * CVE-2026-3494: audit plugin handling bypass (bsc#1259176). * CVE-2026-34303: mysql: optimizer unspecified vulnerability (bsc#1266435). * CVE-20…"
- openSUSE MariaDB Critical Issues Addressed Advisory 2026-2282 — Linuxsecurity · 2026-06-06
  Excerpt: "This update for mariadb fixes the following issues: Security fixes: * CVE-2026-3494: audit plugin handling bypass (bsc#1259176). * CVE-2026-44168: wsrep SST unsafe parameter handling on the donor s…"
Timeline
- 2026-03-03 — CVE-2026-3494 published: An audit plugin handling bypass vulnerability in MariaDB was disclosed, affecting various installations.
- 2026-04-21 — CVE-2026-34303 published: An unspecified vulnerability in the MySQL optimizer was disclosed, impacting MariaDB systems.
- 2026-06-05 — Critical updates released: SUSE released critical updates for MariaDB addressing multiple vulnerabilities, including CVE-2026-3494 and CVE-2026-34303.
- 2026-06-05 — Second critical advisory issued: Another advisory for SUSE Linux Enterprise Server 15 SP6 was released, addressing similar vulnerabilities in MariaDB.
CVEs
- CVE-2026-34303
- CVE-2026-3494
- CVE-2026-44168
- CVE-2026-44170
- CVE-2026-44171
- CVE-2026-44172
- CVE-2026-44173
- CVE-2026-48163
- CVE-2026-48165
Related entities
- CWE-22 - Path Traversal (CWE)
- CWE-269 - Improper Privilege Management (CWE)
- CWE-78 - OS Command Injection (CWE)
- Windows (Platform)