Multiple Vulnerabilities Found in MariaDB Affecting Security

Multiple Vulnerabilities Found in MariaDB Affecting Security

First seen 14 Jul 2026, 16:28 UTC UbuntuLinuxsecurityubuntu.com 94% similarity 74.0

Article Content

Browse articles
ThreatCluster

On July 14, 2026, multiple vulnerabilities in MariaDB were disclosed, impacting systems using the mariadb-server package. Key issues include improper validation during State Snapshot Transfers (CVE-2026-44168), privilege enforcement failures (CVE-2026-44169), and path validation flaws in the mbstream utility (CVE-2026-44171). These vulnerabilities could allow attackers to execute arbitrary commands, access sensitive information, and write files outside intended directories. Other vulnerabilities include SQL injection risks due to improper handling of character sets (CVE-2026-44172) and privilege checks in file operations (CVE-2026-44173). The vulnerabilities were published on June 12, 2026, and require immediate attention from system administrators to mitigate risks. Users are advised to update to the latest package versions to address these issues.

Key Points: • MariaDB vulnerabilities could lead to arbitrary command execution and SQL injection. • Affected CVEs include CVE-2026-44168, CVE-2026-44169, CVE-2026-44171, CVE-2026-44172, and CVE-2026-44173. • System administrators are urged to update to the latest mariadb-server package to mitigate risks.

ThreatCluster AI

Timeline

2026-06-11
CVE-2026-49261 published
A vulnerability in MariaDB was disclosed, affecting database security.
Linuxsecurity
2026-06-12
Multiple CVEs published
CVE-2026-44168, CVE-2026-44169, CVE-2026-44171, CVE-2026-44172, and CVE-2026-44173 were disclosed, detailing various vulnerabilities in MariaDB.
Ubuntu
2026-06-12
CVE-2026-44168 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-12
CVE-2026-44171 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-12
CVE-2026-44173 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-12
CVE-2026-44169 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-12
CVE-2026-48163 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-12
CVE-2026-44172 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-12
CVE-2026-48165 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-07-14
Vulnerabilities disclosed in MariaDB
Multiple security issues were reported, affecting users of the mariadb-server package and requiring urgent updates.
Linuxsecurity

Community

Browse all →