Search CVE reports


Toggle filters

11 – 20 of 1861 results


CVE-2026-44171

Medium priority
Needs evaluation

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in...

5 affected packages

mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mariadb Needs evaluation Needs evaluation Not in release
mariadb-10.0 Not in release Not in release Not in release
mariadb-10.1 Not in release Not in release Not in release Needs evaluation
mariadb-10.3 Not in release Not in release Not in release Needs evaluation
mariadb-10.6 Not in release Not in release Needs evaluation
Show less packages

CVE-2026-44170

Medium priority
Needs evaluation

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB on WIndows with installed...

5 affected packages

mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mariadb Needs evaluation Needs evaluation Not in release
mariadb-10.0 Not in release Not in release Not in release
mariadb-10.1 Not in release Not in release Not in release Needs evaluation
mariadb-10.3 Not in release Not in release Not in release Needs evaluation
mariadb-10.6 Not in release Not in release Needs evaluation
Show less packages

CVE-2026-44169

Medium priority
Needs evaluation

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUTE access to a stored routine via a role, could see the routine...

5 affected packages

mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mariadb Needs evaluation Needs evaluation Not in release
mariadb-10.0 Not in release Not in release Not in release
mariadb-10.1 Not in release Not in release Not in release Needs evaluation
mariadb-10.3 Not in release Not in release Not in release Needs evaluation
mariadb-10.6 Not in release Not in release Needs evaluation
Show less packages

CVE-2026-44168

Medium priority
Needs evaluation

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, during the SST the donor node is...

5 affected packages

mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mariadb Needs evaluation Needs evaluation Not in release
mariadb-10.0 Not in release Not in release Not in release
mariadb-10.1 Not in release Not in release Not in release Needs evaluation
mariadb-10.3 Not in release Not in release Not in release Needs evaluation
mariadb-10.6 Not in release Not in release Needs evaluation
Show less packages

CVE-2026-11933

Medium priority
Needs evaluation

A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when converting BSON documents to JavaScript arrays. An authenticated user with read privileges who is able to run server-side JavaScript (for...

1 affected package

mongodb

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mongodb Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2026-49261

Medium priority
Needs evaluation

MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_cmd` enabled would execute...

5 affected packages

mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mariadb Needs evaluation Needs evaluation Not in release
mariadb-10.0 Not in release Not in release Not in release
mariadb-10.1 Not in release Not in release Not in release Needs evaluation
mariadb-10.3 Not in release Not in release Not in release Needs evaluation
mariadb-10.6 Not in release Not in release Needs evaluation
Show less packages

CVE-2026-9754

Medium priority
Needs evaluation

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command

1 affected package

mongodb

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mongodb Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2026-9753

Medium priority
Needs evaluation

The $_internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to return memory out-of-bounds or crash the server. $_internalApplyOplogUpdate can be executed by...

1 affected package

mongodb

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mongodb Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2026-9752

Medium priority
Needs evaluation

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally...

1 affected package

mongodb

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mongodb Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2026-9751

Medium priority
Needs evaluation

The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text.

1 affected package

mongodb

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mongodb Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages