VYPR
High severity8.5NVD Advisory· Published Mar 20, 2026· Updated Mar 31, 2026

CVE-2026-32710

CVE-2026-32710

Description

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Under certain conditions it might be possible to turn the crash into a remote code execution. These conditions require tight control over memory layout which is generally only attainable in a lab environment. This issue is fixed in MariaDB 11.4.10, MariaDB 11.8.6, and MariaDB 12.2.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9

Patches

Vulnerability mechanics

References

2

News mentions

1