CVE-2026-3494

CVE-2026-3494

Name

CVE-2026-3494

Description

In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen (—) or hash (#) style comments, the statement is not logged.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
ff89ba41-3aa1-4d27-914a-91399e9639e5	https://aws.amazon.com/security/security-bulletins/2026-006-AWS/
ff89ba41-3aa1-4d27-914a-91399e9639e5	https://github.com/MariaDB/server/commit/635559a2ad68a5a6d1a354e8209c58323dba0261
ff89ba41-3aa1-4d27-914a-91399e9639e5	https://github.com/aws/audit-plugin-for-mysql/commit/01e25a5cb1073f131eea774c06c8a056b1e4b2ff

Type

URI

ff89ba41-3aa1-4d27-914a-91399e9639e5

https://aws.amazon.com/security/security-bulletins/2026-006-AWS/

ff89ba41-3aa1-4d27-914a-91399e9639e5

https://github.com/MariaDB/server/commit/635559a2ad68a5a6d1a354e8209c58323dba0261

ff89ba41-3aa1-4d27-914a-91399e9639e5

https://github.com/aws/audit-plugin-for-mysql/commit/01e25a5cb1073f131eea774c06c8a056b1e4b2ff

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:mariadb:mariadb::::::::`	mariadb	>= None	<= 10.6.24
`cpe:2.3:a:mariadb:mariadb::::::::`	mariadb	>= 10.7.0	<= 10.11.15
`cpe:2.3:a:mariadb:mariadb::::::::`	mariadb	>= 11.0.0	<= 11.4.9
`cpe:2.3:a:mariadb:mariadb::::::::`	mariadb	>= 11.5.0	<= 11.8.5

CPE URI

Source package

Min version

Max version

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

mariadb

>= None

<= 10.6.24

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

mariadb

>= 10.7.0

<= 10.11.15

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

mariadb

>= 11.0.0

<= 11.4.9

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

mariadb

>= 11.5.0

<= 11.8.5

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
mariadb	edge-main	11.8.5-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	11.8.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	11.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	11.4.8-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	11.4.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	11.4.7-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	11.4.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	11.4.5-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	11.4.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	11.4.4-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	11.4.4-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.11.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.11.6-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.6.12-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.6.12-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.6.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.6.10-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.6.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.6.8-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.6.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.6.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.6.4-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.5.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.5.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	edge-main	10.5.8-r0	None	possibly vulnerable
mariadb	edge-main	10.5.6-r0	None	possibly vulnerable
mariadb	edge-main	10.4.13-r0	None	possibly vulnerable
mariadb	edge-main	10.4.12-r0	None	possibly vulnerable
mariadb	edge-main	10.4.10-r0	None	possibly vulnerable
mariadb	edge-main	10.4.7-r0	None	possibly vulnerable
mariadb	edge-main	10.3.15-r0	None	possibly vulnerable
mariadb	edge-main	10.3.13-r0	None	possibly vulnerable
mariadb	edge-main	10.3.11-r0	None	possibly vulnerable
mariadb	edge-main	10.2.15-r0	None	possibly vulnerable
mariadb	edge-main	10.1.22-r0	None	possibly vulnerable
mariadb	edge-main	10.1.21-r0	None	possibly vulnerable
mariadb	3.23-main	11.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.22-main	11.4.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.22-main	11.4.5-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.22-main	11.4.5-r0	None	possibly vulnerable
mariadb	3.22-main	10.11.8-r0	None	possibly vulnerable
mariadb	3.22-main	10.11.6-r0	None	possibly vulnerable
mariadb	3.22-main	10.6.9-r0	None	possibly vulnerable
mariadb	3.22-main	10.6.8-r0	None	possibly vulnerable
mariadb	3.22-main	10.6.7-r0	None	possibly vulnerable
mariadb	3.22-main	10.6.4-r0	None	possibly vulnerable
mariadb	3.22-main	10.5.11-r0	None	possibly vulnerable
mariadb	3.22-main	10.5.9-r0	None	possibly vulnerable
mariadb	3.22-main	10.5.8-r0	None	possibly vulnerable
mariadb	3.22-main	10.5.6-r0	None	possibly vulnerable
mariadb	3.22-main	10.4.13-r0	None	possibly vulnerable
mariadb	3.22-main	10.4.12-r0	None	possibly vulnerable
mariadb	3.22-main	10.4.10-r0	None	possibly vulnerable
mariadb	3.22-main	10.4.7-r0	None	possibly vulnerable
mariadb	3.22-main	10.3.15-r0	None	possibly vulnerable
mariadb	3.22-main	10.3.13-r0	None	possibly vulnerable
mariadb	3.22-main	10.3.11-r0	None	possibly vulnerable
mariadb	3.22-main	10.2.15-r0	None	possibly vulnerable
mariadb	3.22-main	10.1.22-r0	None	possibly vulnerable
mariadb	3.22-main	10.1.21-r0	None	possibly vulnerable
mariadb	3.21-main	11.4.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.21-main	11.4.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.21-main	11.4.4-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.21-main	10.11.8-r0	None	possibly vulnerable
mariadb	3.21-main	10.11.6-r0	None	possibly vulnerable
mariadb	3.21-main	10.6.9-r0	None	possibly vulnerable
mariadb	3.21-main	10.6.8-r0	None	possibly vulnerable
mariadb	3.21-main	10.6.7-r0	None	possibly vulnerable
mariadb	3.21-main	10.6.4-r0	None	possibly vulnerable
mariadb	3.21-main	10.5.11-r0	None	possibly vulnerable
mariadb	3.21-main	10.5.9-r0	None	possibly vulnerable
mariadb	3.21-main	10.5.8-r0	None	possibly vulnerable
mariadb	3.21-main	10.5.6-r0	None	possibly vulnerable
mariadb	3.21-main	10.4.13-r0	None	possibly vulnerable
mariadb	3.21-main	10.4.12-r0	None	possibly vulnerable
mariadb	3.21-main	10.4.10-r0	None	possibly vulnerable
mariadb	3.21-main	10.4.7-r0	None	possibly vulnerable
mariadb	3.21-main	10.3.15-r0	None	possibly vulnerable
mariadb	3.21-main	10.3.13-r0	None	possibly vulnerable
mariadb	3.21-main	10.3.11-r0	None	possibly vulnerable
mariadb	3.21-main	10.2.15-r0	None	possibly vulnerable
mariadb	3.21-main	10.1.22-r0	None	possibly vulnerable
mariadb	3.21-main	10.1.21-r0	None	possibly vulnerable
mariadb	3.20-main	10.11.14-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.20-main	10.11.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.20-main	10.11.10-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.20-main	10.11.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.20-main	10.11.6-r0	None	possibly vulnerable
mariadb	3.20-main	10.6.9-r0	None	possibly vulnerable
mariadb	3.20-main	10.6.8-r0	None	possibly vulnerable
mariadb	3.20-main	10.6.7-r0	None	possibly vulnerable
mariadb	3.20-main	10.6.4-r0	None	possibly vulnerable
mariadb	3.20-main	10.5.11-r0	None	possibly vulnerable
mariadb	3.20-main	10.5.9-r0	None	possibly vulnerable
mariadb	3.20-main	10.5.8-r0	None	possibly vulnerable
mariadb	3.20-main	10.5.6-r0	None	possibly vulnerable
mariadb	3.20-main	10.4.13-r0	None	possibly vulnerable
mariadb	3.20-main	10.4.12-r0	None	possibly vulnerable
mariadb	3.20-main	10.4.10-r0	None	possibly vulnerable
mariadb	3.20-main	10.4.7-r0	None	possibly vulnerable
mariadb	3.20-main	10.3.15-r0	None	possibly vulnerable
mariadb	3.20-main	10.3.13-r0	None	possibly vulnerable
mariadb	3.20-main	10.3.11-r0	None	possibly vulnerable
mariadb	3.20-main	10.2.15-r0	None	possibly vulnerable
mariadb	3.20-main	10.1.22-r0	None	possibly vulnerable
mariadb	3.20-main	10.1.21-r0	None	possibly vulnerable
mariadb	3.19-main	10.11.14-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.19-main	10.11.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.19-main	10.11.6-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mariadb	3.19-main	10.6.9-r0	None	possibly vulnerable
mariadb	3.19-main	10.6.8-r0	None	possibly vulnerable
mariadb	3.19-main	10.6.7-r0	None	possibly vulnerable
mariadb	3.19-main	10.6.4-r0	None	possibly vulnerable
mariadb	3.19-main	10.5.11-r0	None	possibly vulnerable
mariadb	3.19-main	10.5.9-r0	None	possibly vulnerable
mariadb	3.19-main	10.5.8-r0	None	possibly vulnerable
mariadb	3.19-main	10.5.6-r0	None	possibly vulnerable
mariadb	3.19-main	10.4.13-r0	None	possibly vulnerable
mariadb	3.19-main	10.4.12-r0	None	possibly vulnerable
mariadb	3.19-main	10.4.10-r0	None	possibly vulnerable
mariadb	3.19-main	10.4.7-r0	None	possibly vulnerable
mariadb	3.19-main	10.3.15-r0	None	possibly vulnerable
mariadb	3.19-main	10.3.13-r0	None	possibly vulnerable
mariadb	3.19-main	10.3.11-r0	None	possibly vulnerable
mariadb	3.19-main	10.2.15-r0	None	possibly vulnerable
mariadb	3.19-main	10.1.22-r0	None	possibly vulnerable
mariadb	3.19-main	10.1.21-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages