EUVD-2026-36513
OS Command Injection (CWE-78)
N/A
vendor:alpine
6.3
CVSS 4.0 · Vendor: vendor:alpine
Share
Severity by source
Vendor (vendor:alpine)
PRIMARY
6.3
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (vendor:alpine) · only source for this CVE.
CVSS VectorVendor: vendor:alpine
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X
Lifecycle Timeline
3
Patch available
Jun 12, 2026 - 19:01 EUVD
CVSS changed
Jun 12, 2026 - 18:22 NVD
6.3 (MEDIUM)
Analysis Generated
May 27, 2026 - 23:12 vuln.today
DescriptionCVE.org
Alpine Linux: mariadb fixed in 11.8.7-r0
AnalysisAI
MariaDB on Alpine Linux contains an uncharacterized vulnerability addressed in Alpine package version 11.8.7-r0. The nature, impact class, and exploitability of this vulnerability cannot be determined from available data - no CVSS score, vector, CWE classification, or detailed description has been published. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Access
Unknown access vector
Exploit
Trigger uncharacterized MariaDB defect
Impact
Achieve unconfirmed impact
Access
Unknown access vector
Exploit
Trigger uncharacterized MariaDB defect
Impact
Achieve unconfirmed impact
Vulnerability AssessmentAI
| Exploitation | Exploitation conditions cannot be determined from available data. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Risk cannot be meaningfully quantified from available data. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attack scenario cannot be constructed from available data - the vulnerability type, affected component within MariaDB, required access level, and exploitable condition are all unknown. No proof-of-concept code has been identified. … |
| Remediation | Upgrade the Alpine Linux MariaDB package to version 11.8.7-r0 or later using 'apk upgrade mariadb'. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).