BDU:2026-07584

BDU

MediumConfirmedExploit available

Уязвимость плагина server audit plugin системы управления базами данных MariaDB связана с ошибками в настройках безопасности. Эксплуатация …

CVSS

4.3

Medium

EPSS

0.00

Published

2026-01-01

Updated

2026-01-01

Description

Уязвимость плагина server audit plugin системы управления базами данных MariaDB связана с ошибками в настройках безопасности. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, обойти существующие механизмы безопасности

Affected products

Amazon.com inc. Amazon rds for mariadbAmazon.com inc. Amazon rds for mariadbAmazon.com inc. Amazon rds for mariadbAmazon.com inc. Amazon rds for mariadbAmazon.com inc. Amazon rds for mariadbAmazon.com inc. Amazon rds for mariadbAmazon.com inc. Amazon rds for mariadbAmazon.com inc. Amazon rds for mariadbAmazon.com inc. Amazon rds for mysqlAmazon.com inc. Amazon rds for mysqlAmazon.com inc. Amazon rds for mysqlAmazon.com inc. Amazon rds for mysqlAmazon.com inc. Amazon rds for mysqlAmazon.com inc. Amazon rds for mysqlAmazon.com inc. Aurora mysqlAmazon.com inc. Aurora mysqlAmazon.com inc. Aurora mysqlAmazon.com inc. Aurora mysqlAmazon.com inc. Aurora mysqlAmazon.com inc. Aurora mysql

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Timeline

2026-01-01

Published

2026-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: L

Low (L)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: N

None (N)

Integrity Impact

I: L

Low (L)

Availability Impact

A: N

None (N)

Exploit indicators

EPSS

0.000 · p0

Known exploited (KEV)

Known exploits — Сканер-ВС

CVE-2026-3494

github-poc · https://github.com/KKongTen/CVE-2026-3494_Verfication

Enterprise

Affected products

Mariadb Foundation

Mariadb

Amazon.com

Amazon Rds For Mariadb Amazon Rds For Mysql Aurora Mysql

Product	Vendor	Status
amazon rds for mariadb	amazon.com inc.	Tracked
amazon rds for mariadb	amazon.com inc.	Tracked
amazon rds for mariadb	amazon.com inc.	Tracked
amazon rds for mariadb	amazon.com inc.	Tracked
amazon rds for mariadb	amazon.com inc.	Tracked
amazon rds for mariadb	amazon.com inc.	Tracked
amazon rds for mariadb	amazon.com inc.	Tracked
amazon rds for mariadb	amazon.com inc.	Tracked
amazon rds for mysql	amazon.com inc.	Tracked
amazon rds for mysql	amazon.com inc.	Tracked
amazon rds for mysql	amazon.com inc.	Tracked
amazon rds for mysql	amazon.com inc.	Tracked
amazon rds for mysql	amazon.com inc.	Tracked
amazon rds for mysql	amazon.com inc.	Tracked
aurora mysql	amazon.com inc.	Tracked
aurora mysql	amazon.com inc.	Tracked
aurora mysql	amazon.com inc.	Tracked
aurora mysql	amazon.com inc.	Tracked
aurora mysql	amazon.com inc.	Tracked
aurora mysql	amazon.com inc.	Tracked

Showing first 20 of 30

Source databases

BDU

Related vulnerabilities

CVE-2026-3494

External references

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2026-3494@https://aws.amazon.com/ru/security/security-bulletins/2026-006-AWS/@https://github.com/MariaDB/server/commit/635559a2ad68a5a6d1a354e8209c58323dba0261@https://github.com/aws/audit-plugin-for-mysql/commit/01e25a5cb1073f131eea774c06c8a056b1e4b2ff@https://github.com/KKongTen/CVE-2026-3494_Verfication@https://redos.red-soft.ru/search/?iblock_id=&q=CVE-2026-3494