Back to search

MariaDB

MariaDB

See the latest tracked release, confirm when it was published, and subscribe for update emails.

12.2 Switch to this train 11.8 (LTS) Switch to this train 11.4 (LTS) Switch to this train 10.11 (LTS) Switch to this train 10.6 (LTS) Current train
Current version
Last checked: yesterday

10.6.25

Release date
February 04, 2026
CVE status
1 visible CVE

Source

endoflife.date

Public release notes are linked for the latest stored release.

View release notes Subscribe to updates

Release history

See the latest published releases stored for this product.

Version Published Notes
10.6.25 2026-02-04 Release Notes

Vulnerability tracking

Review curated CVEs for this product and see whether the current version is marked affected. Only CVEs with a CVSS score of 7.0 or higher and published in the last 90 days are shown.

CVE Severity Published Status Summary
CVE-2026-32710 CRITICAL (9.9) 2026-03-20 Current versionunclear

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Under certain conditions it might be possible to turn the crash into a remote code execution. These conditions require tight control over memory layout which is generally only attainable in a lab environment. This issue is fixed in MariaDB 11.4.10, MariaDB 11.8.6, and MariaDB 12.2.2.

Affected versions
  • From (including) 11.4.1 - Up to (excluding) 11.4.10
  • From (including) 11.8.1 - Up to (excluding) 11.8.6