COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-44172

CVE-2026-44172

Severity
critical
Source
NVD · cve
Published
2026-06-12
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-44172
shame 35/100

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysql_real_escape_string() and sending it to the database using text protocol and big5 character set was vulnerabl

Players implicated

mariadb · vendormariadb · product

Description

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysql_real_escape_string() and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections, even though mysql_real_escape_string() was supposed to prevent them. This issue has been patched in versions 3.3.19 and 3.4.9.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.