CVE-2026-49261

MariaDB · MariaDB Server

A command injection vulnerability in MariaDB server allows shell command execution via the joiner node name when the `wsrep_notify_cmd` configuration is enabled.

Executive summary

A critical command injection vulnerability in MariaDB server allows for arbitrary shell command execution, potentially leading to full server compromise.

Vulnerability

The issue arises when the wsrep_notify_cmd feature is enabled: the server fails to sanitize the joiner node name, so shell commands embedded in that name are passed through to the system and executed.

Business impact

With a CVSS score of 10.0, this vulnerability represents the highest level of risk: it enables remote code execution with the privileges of the database service. This could result in total data exfiltration, database destruction, or lateral movement within the network.

Remediation

Immediate Action: Upgrade MariaDB to versions 10.6.27, 10.11.18, 11.4.12, 11.8.8, or 12.3.2 as applicable to your release branch.

Proactive Monitoring: Monitor database logs and system process activity for unexpected shell command execution or joiner node names that contain unusual characters.

Compensating Controls: If immediate patching is not possible, disable the wsrep_notify_cmd feature immediately to eliminate the attack vector.
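To support the two steps above, the following added example (not from the advisory or from the MariaDB project) audits a my.cnf-style configuration for an enabled wsrep_notify_cmd and flags joiner node names that carry shell metacharacters. The parser, the metacharacter set and the sample configuration are assumptions constructed for this illustration.

```python
# Shell metacharacters that have no place in a Galera node name; a joiner
# name containing any of them is the kind of input this advisory warns about.
SHELL_METACHARS = set(";&|`$(){}<>\\'\"*?\n")

def parse_mycnf(text):
    """Parse a minimal my.cnf-style file into {section: {key: value}}.
    Dashes in option names are normalised to underscores, as MariaDB does."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            key = key.strip().replace("-", "_").lower()
            sections[current][key] = value.strip().strip("'\"")
    return sections

def notify_cmd_enabled(sections):
    """True if wsrep_notify_cmd is set to a non-empty value in any section."""
    return any(opts.get("wsrep_notify_cmd") for opts in sections.values())

def suspicious_node_name(name):
    """True if a node name carries shell metacharacters or whitespace."""
    return any(ch in SHELL_METACHARS or ch.isspace() for ch in name)

def audit(cnf_text, node_names):
    """Return a list of human-readable findings for the given config and names."""
    findings = []
    if notify_cmd_enabled(parse_mycnf(cnf_text)):
        findings.append("wsrep_notify_cmd is enabled: patch, or unset it until patched")
    for name in node_names:
        if suspicious_node_name(name):
            findings.append(f"suspicious joiner node name: {name!r}")
    return findings

# Constructed sample input: a config with the risky option set, plus one
# well-formed and one malformed node name as they might appear in cluster logs.
SAMPLE_CNF = "[mysqld]\nwsrep_on = ON\n[galera]\nwsrep_notify_cmd = /usr/local/bin/notify.sh\n"
SAMPLE_NODES = ["galera-node-02", "node3;id"]

if __name__ == "__main__":
    for finding in audit(SAMPLE_CNF, SAMPLE_NODES):
        print(finding)
```

On a running server the same configuration question is answered by `SHOW GLOBAL VARIABLES LIKE 'wsrep_notify_cmd'`, which should return an empty value once the compensating control is in place.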

Exploitation status

Public Exploit Available: False

Analyst recommendation

This vulnerability carries a maximum severity rating and must be treated as an emergency. If your MariaDB cluster uses Galera replication, verify whether wsrep_notify_cmd is enabled and apply the necessary patches or configuration changes immediately.