Security Advisory

CVE-2026-3494

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-03 18:12:12

Last updated 2026-03-16 17:03:08

Assigner AMZN

State PUBLISHED

Description

In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen (—) or hash (#) style comments, the statement is not logged.

← Browse all CVEs View on cve.org ↗