CVE-2026-3494

EUVD-2026-9311
In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen (—) or hash (#) style comments, the statement is not logged.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
mariadbmariadb
𝑥
≤ 10.6.24
mariadbmariadb
10.7.0 ≤
𝑥
≤ 10.11.15
mariadbmariadb
11.0.0 ≤
𝑥
≤ 11.4.9
mariadbmariadb
11.5.0 ≤
𝑥
≤ 11.8.5
amazonaurora_mysql
𝑥
≤ 2.12.5
amazonaurora_mysql
3.01.0 ≤
𝑥
< 3.04.6
amazonaurora_mysql
3.05.1 ≤
𝑥
≤ 3.10.2
amazonaurora_mysql
3.11.0
amazonrelational_database_service
𝑥
≤ 5.7.44-rds.20251212
amazonrelational_database_service
𝑥
≤ 10.6.24
amazonrelational_database_service
8.0.11 ≤
𝑥
≤ 8.0.44
amazonrelational_database_service
8.4.3 ≤
𝑥
≤ 8.4.7
amazonrelational_database_service
10.11.4 ≤
𝑥
≤ 10.11.15
amazonrelational_database_service
11.4.3 ≤
𝑥
≤ 11.4.9
amazonrelational_database_service
11.8.3 ≤
𝑥
≤ 11.8.5
𝑥
= Vulnerable software versions
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libmariadbd-devel
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
libmariadbd19
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
mariadb
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
mariadb-client
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
mariadb-errormessages
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
mariadb-tools
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
mariadb1011
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-backup
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-backup-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-client-utils
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-common
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-connect-engine
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-connect-engine-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-cracklib-password-check
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-cracklib-password-check-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-debugsource
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-devel
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-errmsg
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-gssapi-server
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-gssapi-server-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-oqgraph-engine
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-oqgraph-engine-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-pam
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-pam-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-rocksdb-engine
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-rocksdb-engine-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-server
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-server-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-server-utils
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-server-utils-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-sphinx-engine
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-sphinx-engine-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-test
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb1011-test-debuginfo
Amazon Linux 2023
3:10.11.18-1.amzn2023.0.1
fixed
mariadb114
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-backup
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-backup-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-client-utils
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-common
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-connect-engine
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-connect-engine-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-cracklib-password-check
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-cracklib-password-check-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-debugsource
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-devel
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-errmsg
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-gssapi-server
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-gssapi-server-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-oqgraph-engine
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-oqgraph-engine-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-pam
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-pam-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-rocksdb-engine
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-rocksdb-engine-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-server
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-server-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-server-utils
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-server-utils-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-sphinx-engine
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-sphinx-engine-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-test
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
mariadb114-test-debuginfo
Amazon Linux 2023
3:11.4.10-1.amzn2023.0.1
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
mariadb
Azure Linux 3.0
0:10.11.16-1.azl3
fixed
CBL-Mariner 2.0
0:10.6.25-1.cm2
fixed