CVE-2026-44173

EUVD-2026-36518
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privilege if the FROM clause contained only subqueries. This issue has been patched in versions 10.6.26, 10.11.17, 11.4.11, 11.8.7, and 12.3.2.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Debian logo
Debian Releases
Debian Product
Codename
mariadb
bookworm
vulnerable
forky
vulnerable
sid
1:11.8.8-1
fixed
trixie
vulnerable
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libmariadbd-devel
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
libmariadbd19
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
mariadb
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
mariadb-client
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
mariadb-errormessages
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
mariadb-tools
suse enterprise sap 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise sap 15 SP7
11.8.8-150700.3.15.1
fixed
suse enterprise server 15 SP4
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP5
10.6.27-150400.3.46.1
fixed
suse enterprise server 15 SP6
10.11.18-150600.4.20.1
fixed
suse enterprise server 15 SP7
11.8.8-150700.3.15.1
fixed
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://github.com/MariaDB/server/security/advisories/GHSA-667j-m53j-wpmc
https://jira.mariadb.org/browse/MDEV-39493