
MariaDB database vulnerable: Malicious code or crashes possible

Dennis Schirrmacher
A symbolic update button on a keyboard.

(Image: Artur Szczybylo/Shutterstock.com)

MariaDB developers have closed a security vulnerability. A patch is available.

The open-source database management system MariaDB contains a software flaw that attackers can exploit. In the worst case, malicious code can get onto systems.

The vulnerability (CVE-2026-32710, rated "high") is in the JSON_SCHEMA_VALID() function, according to a security advisory [1]. There, attackers can trigger a memory error through an unspecified method, which leads to crashes. In such cases, malicious code can often also get onto PCs and compromise them.

Admins should therefore ensure that one of the protected versions 11.4.10, 11.8.6, or 12.2.2 is installed. So far, there are no reports of ongoing attacks. It is also still unclear which indicators can be used to identify computers that have already been attacked.
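The version check above can be scripted across an inventory of servers. The following is an added example, not code from heise or the MariaDB project. It assumes the input strings come from `SELECT VERSION()`, that a later patch release in the same series also contains the fix, and that series for which the article names no fixed release must be checked against the advisory; host names and version strings are constructed.

```python
import re

# Fixed releases named in the article, keyed by release series (major, minor).
FIXED_PATCH_LEVEL = {(11, 4): 10, (11, 8): 6, (12, 2): 2}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def classify(version_string):
    """Classify a SELECT VERSION() string against the fixed releases.

    Returns 'patched', 'update-needed', 'unknown-series' or 'unparseable'.
    """
    match = _VERSION_RE.search(version_string)
    if match is None:
        return "unparseable"
    # Compare as integers: as strings, "11.4.10" would sort before "11.4.9".
    major, minor, patch = (int(part) for part in match.groups())
    fixed_patch = FIXED_PATCH_LEVEL.get((major, minor))
    if fixed_patch is None:
        # The article names no fixed release for this series; check the advisory.
        return "unknown-series"
    return "patched" if patch >= fixed_patch else "update-needed"


def audit(inventory):
    """Group host names by classification; inventory maps host -> version string."""
    report = {}
    for host, version_string in sorted(inventory.items()):
        report.setdefault(classify(version_string), []).append(host)
    return report


# Constructed sample inventory (host names and version strings are made up).
SAMPLE_INVENTORY = {
    "db-a": "11.4.10-MariaDB-log",
    "db-b": "11.4.9-MariaDB-ubu2404",
    "db-c": "11.8.6-MariaDB",
    "db-d": "12.2.1-MariaDB",
    "db-e": "10.11.14-MariaDB",
    "db-f": "not available",
}

if __name__ == "__main__":
    for status, hosts in audit(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts)}")
```

Hosts reported as `unknown-series` are not cleared by this check; the article does not say which other release series are affected.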


(des [3])


This article was originally published in German [7]. It was translated with technical assistance and editorially reviewed before publication.


URL of this article:
https://www.heise.de/-11224282

Links in this article:
[1] https://github.com/MariaDB/server/security/advisories/GHSA-4rj5-2227-9wgc
[2] https://pro.heise.de/security/?LPID=39555_HS1L0001_27416_999_0&wt_mc=disp.fd.security-pro.security_pro24.disp.disp.disp
[3] mailto:des@heise.de
[4] https://www.facebook.com/heiseonlineEnglish
[5] https://www.linkedin.com/company/104691972
[6] https://social.heise.de/@heiseonlineenglish
[7] https://www.heise.de/news/Datenbankmanagementsystem-MariaDB-kann-crashen-oder-Schadcode-auf-Systeme-lassen-11224256.html