MariaDB Server Audit Plugin Comment Handling Bypass — CVE-2026-3494

Summary

Advisory CVE-2026-3494. MariaDB Server Audit Plugin Comment Handling Bypass Vendor: Microsoft. Source: MSRC. Threat: medium. CVSS 4.3. See the official advisory for details.

What to do

General, cautious steps (verify details in the official source):

• Review exposure and plan remediation based on risk and environment.
• Identify affected product versions in your inventory and verify whether you are impacted.
• Apply vendor patches/updates or recommended mitigations as soon as available.
• Read the official advisory for exact affected versions and remediation steps.

Official advisory

Read the official source

Related advisories

• bad reuse of HTTP Negotiate connection CVE-2026-1965
• token leak with redirect and netrc CVE-2026-3783
• wrong proxy connection reuse with credentials CVE-2026-3784
• Microsoft Authenticator Information Disclosure Vulnerability CVE-2026-26123
• Push message Routing Service Elevation of Privilege Vulnerability CVE-2026-24282
• Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability CVE-2026-25186
• Windows Graphics Component Denial of Service Vulnerability CVE-2026-25168
• Windows Graphics Component Denial of Service Vulnerability CVE-2026-25169
• Windows Graphics Component Information Disclosure Vulnerability CVE-2026-25180
• Windows Kerberos Security Feature Bypass Vulnerability CVE-2026-24297
• Windows Mobile Broadband Driver Remote Code Execution Vulnerability CVE-2026-24288
• Windows Shell Link Processing Spoofing Vulnerability CVE-2026-25185