CVE-2026-32710
Received Received - Intake
Crash and Potential RCE in MariaDB JSON_SCHEMA_VALID() Function

Publication date: 2026-03-20

Last updated on: 2026-03-31

Assigner: GitHub, Inc.

Description
MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Under certain conditions it might be possible to turn the crash into a remote code execution. These conditions require tight control over memory layout which is generally only attainable in a lab environment. This issue is fixed in MariaDB 11.4.10, MariaDB 11.8.6, and MariaDB 12.2.2.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-20
Last Modified
2026-03-31
Generated
2026-06-16
AI Q&A
2026-03-20
EPSS Evaluated
2026-06-15
NVD
CVE-2026-32710
EUVD
EUVD-2026-13764
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
mariadb mariadb 12.1.2
mariadb mariadb From 11.4.1 (inc) to 11.4.10 (exc)
mariadb mariadb From 11.8.1 (inc) to 11.8.6 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-32710 is a high-severity heap-based buffer overflow vulnerability in the MariaDB server, specifically in the JSON_SCHEMA_VALID() function.

An authenticated user can cause the MariaDB server to crash by exploiting this flaw. Under very specific conditions that require precise control over memory layoutβ€”usually only possible in a lab environmentβ€”this crash can be escalated to remote code execution.

The vulnerability affects MariaDB versions 11.4.1 through 11.4.9, 11.8.1 through 11.8.5, and 12.1.2, and has been fixed in versions 11.4.10, 11.8.6, and 12.2.2.

Impact Analysis

This vulnerability can cause the MariaDB server to crash, resulting in denial of service.

In rare and controlled conditions, it may allow an attacker to execute arbitrary code remotely, potentially compromising the confidentiality, integrity, and availability of the database server.

  • Denial of Service (server crash)
  • Potential Remote Code Execution under specific conditions
  • High impact on confidentiality, integrity, and availability
Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by testing the MariaDB server's JSON_SCHEMA_VALID() function with a JSON schema containing a long enum array, which triggers the crash."}, {'type': 'paragraph', 'content': 'A specific example command to reproduce the crash is:'}, {'type': 'list_item', 'content': 'select json_schema_valid(\'{"enum":[0]}\', sformat(\'"{:#>200}"\', \'0\'));'}, {'type': 'paragraph', 'content': 'If this command causes the server to hang or crash, it indicates the presence of the vulnerability.'}] [2]

Mitigation Strategies

The immediate mitigation step is to upgrade MariaDB to a fixed version where the vulnerability is resolved.

  • Upgrade to MariaDB version 11.4.10 or later.
  • Upgrade to MariaDB version 11.8.6 or later.
  • Upgrade to MariaDB version 12.2.2 or later.

Until the upgrade can be applied, restrict access to the MariaDB server to trusted users only, as the vulnerability requires authenticated user privileges.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32710. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart