VDB
TNCVE-2026-44172
TNCVE-2026-44172
PUBLISHED
MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysql_real_escape_string() and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections, even though mysql_real_escape_string() was supposed to prevent them. This issue has been patched in versions 3.3.19 and 3.4.9.
Timeline
- May 19, 2026 CVE Published
References
- Tenable: CVE-2026-44172 advisory