CVE-2026-3494 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_D…
Medium CVSS: 5.3

CVE-2026-3494

In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen (—) or hash (#) style comments, the statement is not logged.
Vendor
Mariadb
Product
Mariadb
CWE
CWE-778
Yayın Tarihi
2026-03-03 20:16:50
Güncelleme
2026-03-16 18:16:09
Source Identifier
ff89ba41-3aa1-4d27-914a-91399e9639e5
KEV Date Added
-

Kategoriler

CWE-778 Mariadb MEDIUM Mariadb 2026

Referanslar

https://aws.amazon.com/security/security-bulletins/2026-006-AWS/ https://github.com/MariaDB/server/commit/635559a2ad68a5a6d1a354e8209c58323dba0261 https://github.com/aws/audit-plugin-for-mysql/commit/01e25a5cb1073f131eea774c06c8a056b1e4b2ff