QSearchQSearch

CVE-2026-44172

MariaDB server is a community developed fork of MySQL server

Published: 2026-06-12 · Last updated: 2026-06-12

Severity and scoring

CWE
CWE-89

Description

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysql_real_escape_string() and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections, even though mysql_real_escape_string() was supposed to prevent them. This issue has been patched in versions 3.3.19 and 3.4.9.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-12175 A vulnerability was detected in CodeAstro Student Attendance Management System 1.0 (4.7 MEDIUM)
  • CVE-2026-6428 SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 2... (7.6 HIGH)
  • CVE-2026-9848 The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter (`s`) in versions up to, and i... (7.5 HIGH)
  • CVE-2026-12131 A weakness has been identified in CodeAstro Human Resource Management System 1.0 (6.3 MEDIUM)
  • CVE-2026-41581 Frappe is a full-stack web application framework