CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.233

EPSS Ranking 95.7%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/Ant1sec-ops/CVE-2023-26785
https://seclists.org/fulldisclosure/2012/Dec/39

Products affected by CVE-2023-26785

Mariadb » Mariadb » Version: 10.5.0

cpe:2.3:a:mariadb:mariadb:10.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-26785

Products

Pricing

Contact Us