VDB
CVE-2026-3494
CVE-2026-3494
PUBLISHED
MariaDB Server Audit Plugin Comment Handling Bypass
EPSS 0.02% · 4.6th percentile
Risk Scores
EPSS Score
0.02%
4.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | mariadb-min | 0, 10.7.0, 11.0.0 |
| Bitnami | mariadb | 10.7.0, 11.0.0, 11.5.0 |
| Bitnami | mysql-client | 0, 10.7.0, 10.7.0 |
Timeline
- Mar 3, 2026 CVE ID Reserved
- Mar 3, 2026 CVE Published
- Mar 3, 2026 PoC Published
- Mar 4, 2026 EPSS Score
- Mar 5, 2026 EPSS Score
- Mar 6, 2026 EPSS Score
- Mar 8, 2026 EPSS Score
- Mar 9, 2026 EPSS Score
- Mar 10, 2026 PoC Published
- Mar 10, 2026 EPSS Score
- Mar 11, 2026 EPSS Score
- Mar 13, 2026 EPSS Score
References
- https://aws.amazon.com/security/security-bulletins/2026-006-AWS/ url
- https://nvd.nist.gov/vuln/detail/CVE-2026-3494 url
- https://github.com/MariaDB/server/commit/635559a2ad68a5a6d1a354e8209c58323dba0261 fix
- https://github.com/aws/audit-plugin-for-mysql/commit/01e25a5cb1073f131eea774c06c8a056b1e4b2ff fix