ctipilot.ch

MariaDB Galera wsrep_notify_cmd shell injection (CVSS 10.0)

cve · CVE-2026-49261

Coverage timeline
1
first 2026-06-12 → last 2026-06-12
Briefs
1
1 distinct
Sources cited
13
10 hosts
Sections touched
1
deep_dive
Co-occurring entities
0
no co-occurrence

Story timeline

  1. 2026-06-12CTI Daily Brief — 2026-06-12
    deep_diveDeep dive. Galera wsrep_notify_cmd shell injection; cluster-internal RCE to mariadbd privileges; companion CVE-2026-48165/48163.

Where this entity is cited

  • deep_dive1

Source distribution

  • drupal.org3 (23%)
  • security-hub.ncsc.admin.ch2 (15%)
  • attack.mitre.org1 (8%)
  • bleepingcomputer.com1 (8%)
  • csoonline.com1 (8%)
  • imperva.com1 (8%)
  • mariadb.org1 (8%)
  • securityonline.info1 (8%)
  • other2 (15%)

External references

NVD · cve.org · CISA KEV

All cited sources (13)

Items in briefs about MariaDB Galera wsrep_notify_cmd shell injection (CVSS 10.0)

No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.