What is the CVSS score of CVE-2026-44173?

CVE-2026-44173 has a CVSS 3.1 base score of 5.3 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N. EPSS exploitation probability: 0.0%.

Is there a patch available for CVE-2026-44173?

Yes, a patch is available for CVE-2026-44173. Update the affected software to the latest version immediately.

MariaDB CVE-2026-44173

EUVD-2026-36518 MEDIUM

Incorrect Authorization (CWE-863)

N/A vendor:alpine

Authentication Bypass MariaDB

5.3

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

5.3 MEDIUM

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Lifecycle Timeline

CVSS changed

Jun 16, 2026 - 19:07 NVD

5.0 (MEDIUM) 5.3 (MEDIUM)

Patch available

Jun 12, 2026 - 19:01 EUVD

CVSS changed

Jun 12, 2026 - 18:22 NVD

5.0 (MEDIUM)

Analysis Generated

May 27, 2026 - 23:12 vuln.today

DescriptionNVD

Alpine Linux: mariadb fixed in 11.8.7-r0

AnalysisAI

MariaDB on Alpine Linux received a security fix in package version 11.8.7-r0, addressing an unspecified vulnerability tracked as CVE-2026-44173. The nature of the underlying flaw, affected component, and attacker capability are not described in available intelligence - only the Alpine Linux vendor advisory confirms the patch. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Unknown access vector

Exploit

Unknown vulnerable MariaDB component

Impact

Unknown impact

Access

Unknown access vector

Exploit

Unknown vulnerable MariaDB component

Impact

Unknown impact

Vulnerability AssessmentAI

Exploitation	Exploitation conditions cannot be determined - no CVSS vector, CWE, or vulnerability description is available to identify required access level, configuration state, or triggering conditions. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	Risk cannot be meaningfully assessed from available data. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attack scenario cannot be constructed from available data - the affected MariaDB component, required access level, and exploitation mechanism are all unknown. No proof-of-concept code has been identified. …
Remediation	Upgrade the Alpine Linux MariaDB package to version 11.8.7-r0 or later using 'apk upgrade mariadb'. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-44173 vulnerability details – vuln.today

Back

MariaDB CVE-2026-44173

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Share

External POC / Exploit Code