CVE-2026-32710

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Under certain conditions it might be possible to turn the crash into a remote code execution. These conditions require tight control over memory layout which is generally only attainable in a lab environment. This issue is fixed in MariaDB 11.4.10, MariaDB 11.8.6, and MariaDB 12.2.2.

CVSS v3 8.5 HIGH

8.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://github.com/MariaDB/server/security/advisories/GHSA-4rj5-2227-9wgc
https://jira.mariadb.org/browse/MDEV-38356

Configurations

No configuration.

History

No history.

Information

Published : 2026-03-20 19:16

Updated : 2026-03-24 15:54

NVD link : CVE-2026-32710

Mitre link : CVE-2026-32710

CVE.ORG link : CVE-2026-32710

JSON object : View

Products Affected

No product.

CWE

CWE-122

Heap-based Buffer Overflow

{"id": "CVE-2026-32710", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.8}]}, "published": "2026-03-20T19:16:16.670", "references": [{"url": "https://github.com/MariaDB/server/security/advisories/GHSA-4rj5-2227-9wgc", "source": "security-advisories@github.com"}, {"url": "https://jira.mariadb.org/browse/MDEV-38356", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-122"}]}], "descriptions": [{"lang": "en", "value": "MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Under certain conditions it might be possible to turn the crash into a remote code execution. These conditions require tight control over memory layout which is generally only attainable in a lab environment. This issue is fixed in MariaDB 11.4.10, MariaDB 11.8.6, and MariaDB 12.2.2."}, {"lang": "es", "value": "El servidor MariaDB es una bifurcaci\u00f3n desarrollada por la comunidad del servidor MySQL. Un usuario autenticado puede provocar la ca\u00edda de las versiones de MariaDB 11.4 anteriores a la 11.4.10 y 11.8 anteriores a la 11.8.6 a trav\u00e9s de un error en la funci\u00f3n JSON_SCHEMA_VALID(). Bajo ciertas condiciones, podr\u00eda ser posible convertir la ca\u00edda en una ejecuci\u00f3n remota de c\u00f3digo. Estas condiciones requieren un control estricto sobre la disposici\u00f3n de la memoria, lo cual generalmente solo es alcanzable en un entorno de laboratorio. Este problema est\u00e1 solucionado en MariaDB 11.4.10, MariaDB 11.8.6 y MariaDB 12.2.2."}], "lastModified": "2026-03-24T15:54:09.400", "sourceIdentifier": "security-advisories@github.com"}