
ProxySQL EUVD-2026-38074 | CVE-2026-48772

Severity: CRITICAL 10.0 (CVSS 3.1, Vendor: GitHub_M)
Weakness: Use of Less Trusted Source (CWE-348)
Published: 2026-06-19 (GitHub_M)

Severity by source

Vendor (GitHub_M) PRIMARY
10.0 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
vuln.today AI
10.0 CRITICAL

Network-reachable frontend with default-permissive PP1 acceptance gives AV:N/AC:L/PR:N/UI:N; scope changes because routing/ACL authority is subverted; C:H/I:H from rule bypass, A:N as no DoS is described.

CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
CVSS 4.0: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS Vector (Vendor: GitHub_M)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: None

Lifecycle Timeline

CVE Published: Jun 19, 2026 19:28 (cve.org)
Analysis Generated: Jun 19, 2026 20:17 (vuln.today)
Patch available: Jun 19, 2026 21:02 (EUVD)

Description (CVE.org)

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the PROXY UNKNOWN <addr> <addr> <port> <port>\r\n PP1 frame as a well-formed PROXY protocol header. The HAProxy PROXY protocol v1 specification says that when the protocol token is UNKNOWN, the receiver MUST ignore any address fields that follow it, because the proxy has declared it cannot determine the client identity. ProxySQL parses those address fields anyway via sscanf and writes the spoofed source address into the session's addr.addr field. From there it flows directly into the query-rule matcher, where the client_addr predicate decides routing and ACL.

When mysql-proxy_protocol_networks = '*' (the default), any TCP peer can send a PP1 frame and choose any source IP claim. With that, any mysql_query_rules row pinned to a client_addr value is forgeable: the attacker writes the address they want to match into the PP1 line, and ProxySQL routes their query as if it came from that address.

In practice this is a routing and ACL bypass. Real deployments use client_addr for read-write splitting (internal apps go to the primary, public traffic to read replicas), per-app schema pinning, and query-filter rules (DDL allowed only from admin CIDR, public queries blocked from dangerous patterns). An attacker that can reach the frontend port can forge their way into any of those routes. Version 3.0.9 patches this issue.
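The UNKNOWN handling the description contrasts, as an added example that is not ProxySQL's code: parse_pp1_vulnerable() reproduces the permissive six-field sscanf-style behaviour attributed to 2.0.0-3.0.8, parse_pp1_hardened() is an independent implementation of the haproxy v1 rules the description cites (address fields after UNKNOWN are ignored, the real TCP endpoint is used, and a header is only honoured from a peer inside mysql-proxy_protocol_networks), and route() is a simplified first-match client_addr lookup so the routing consequence is visible. The frames, peer address, rule table and CIDR-containment matching are constructed assumptions for illustration, not ProxySQL's actual matching semantics.

```python
"""Added example (not ProxySQL's code): PROXY protocol v1 UNKNOWN handling.

parse_pp1_vulnerable() mirrors the permissive sscanf-style behaviour the
description attributes to ProxySQL 2.0.0-3.0.8; parse_pp1_hardened() is an
independent implementation of the haproxy v1 rules the description cites.
Frames, peer addresses, the rule table and CIDR-containment matching below are
constructed for illustration."""
import ipaddress

# Constructed sample input; not captured traffic.
FORGED_UNKNOWN = b"PROXY UNKNOWN 10.0.0.5 1.2.3.4 3306 3306\r\n"  # the frame from the description
BARE_UNKNOWN = b"PROXY UNKNOWN\r\n"                                 # what a proxy legitimately sends
GENUINE_TCP4 = b"PROXY TCP4 10.0.0.5 10.0.0.1 51234 3306\r\n"
ATTACKER_PEER = "198.51.100.7"   # hypothetical address the TCP socket actually reports

# Hypothetical subset of mysql_query_rules: (client_addr CIDR, destination_hostgroup).
# Containment matching is a simplification of ProxySQL's client_addr predicate.
RULES = [
    ("10.0.0.0/8", 0),   # internal apps -> hostgroup 0 (primary/writer)
    ("0.0.0.0/0", 1),    # everyone else -> hostgroup 1 (read replicas)
]


def parse_pp1_vulnerable(frame: bytes, peer: str) -> str:
    """Any six-field PROXY line is accepted and field 3 becomes the client
    address, even when field 2 is UNKNOWN: the attacker-chosen value lands in
    the session's addr.addr."""
    fields = frame.decode("ascii", "replace").rstrip("\r\n").split(" ")
    if len(fields) == 6 and fields[0] == "PROXY":
        return fields[2]
    return peer


class PP1Error(ValueError):
    """Header rejected; the receiver should close the connection."""


def peer_allowed(peer: str, networks: str) -> bool:
    """networks is the mysql-proxy_protocol_networks value: '*' means any peer
    (the default the description reports), '' means none, else a CIDR list."""
    if networks == "*":
        return True
    addr = ipaddress.ip_address(peer)
    return any(addr in ipaddress.ip_network(n.strip(), strict=False)
               for n in networks.split(",") if n.strip())


def parse_pp1_hardened(frame: bytes, peer: str, networks: str) -> str:
    """Spec-conformant parse; returns the address to feed the client_addr matcher."""
    if not peer_allowed(peer, networks):
        raise PP1Error("PROXY header from a peer outside proxy_protocol_networks")
    # A v1 header is ASCII, at most 107 bytes including the terminating CRLF.
    if len(frame) > 107 or not frame.endswith(b"\r\n"):
        raise PP1Error("malformed v1 header")
    try:
        line = frame[:-2].decode("ascii")
    except UnicodeDecodeError:
        raise PP1Error("non-ASCII byte in v1 header") from None
    if not line.startswith("PROXY "):
        raise PP1Error("missing PROXY token")
    proto, _, tail = line[6:].partition(" ")
    if proto == "UNKNOWN":
        # The proxy declared it cannot identify the client: everything after
        # UNKNOWN up to CRLF is ignored and the real TCP endpoint is used.
        return peer
    if proto not in ("TCP4", "TCP6"):
        raise PP1Error(f"unsupported protocol token {proto!r}")
    parts = tail.split(" ")
    if len(parts) != 4:
        raise PP1Error("expected src dst sport dport")
    src, dst, sport, dport = parts
    want = 4 if proto == "TCP4" else 6
    try:
        src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    except ValueError as exc:
        raise PP1Error(f"bad address: {exc}") from None
    if src_ip.version != want or dst_ip.version != want:
        raise PP1Error("address family does not match protocol token")
    for port in (sport, dport):
        if not port.isdigit() or int(port) > 65535:
            raise PP1Error(f"bad port {port!r}")
    return str(src_ip)


def route(client_addr: str, rules=RULES) -> int:
    """First-match lookup on the client_addr predicate, as a rule engine would do."""
    addr = ipaddress.ip_address(client_addr)
    for cidr, hostgroup in rules:
        if addr in ipaddress.ip_network(cidr):
            return hostgroup
    raise LookupError("no rule matched")


if __name__ == "__main__":
    # Attacker on 198.51.100.7 sends the forged frame; networks='*' as described.
    print("vulnerable:", route(parse_pp1_vulnerable(FORGED_UNKNOWN, ATTACKER_PEER)))      # 0
    print("hardened:  ", route(parse_pp1_hardened(FORGED_UNKNOWN, ATTACKER_PEER, "*")))   # 1
```

With the permissive parse the forged frame puts the attacker in the writer hostgroup; with the conformant parse the UNKNOWN token collapses to the real peer address and the public-traffic rule matches. The peer_allowed() gate also shows why narrowing mysql-proxy_protocol_networks from '*' to the proxies' own addresses limits exposure in the example: a PROXY header from any other peer is rejected before its fields are looked at.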

Analysis (AI)

Source-address spoofing in ProxySQL 2.0.0 through 3.0.8 lets any TCP peer that can reach the MySQL frontend port forge the client IP seen by the query-rule engine, bypassing routing and ACL controls. The flaw stems from incorrect parsing of the HAProxy PROXY protocol v1 UNKNOWN token, whose address fields the specification requires receivers to ignore. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Reach the ProxySQL MySQL frontend port
Delivery: Send a PP1 UNKNOWN frame carrying forged address fields
Exploit: ProxySQL writes the spoofed IP into the session address
Execution: Query-rule engine matches the client_addr predicate against the forged address
Persist: Submit MySQL queries under the forged identity
Impact: Bypass ACL rules or reach a privileged backend

Vulnerability Assessment (AI)

Exploitation: ProxySQL must be configured to accept PROXY protocol v1 frames from the attacker's network position. That is the default behaviour, because `mysql-proxy_protocol_networks` ships set to `*`, which accepts PP1 from any peer. …
Risk Assessment: The 10.0 score is consistent with the supplied vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N. With Scope Changed the v3.1 base formula is Roundup(min(1.08 × (Impact + Exploitability), 10)); Impact is about 5.76 and Exploitability about 3.89, so the unrounded product is about 10.4 and is capped at 10.0. A score of 9.6 would result only if Privileges Required were Low, which is not what the vector says. …
Exploit Scenario: An attacker who can open a TCP connection to ProxySQL's MySQL frontend port crafts a single PP1 line `PROXY UNKNOWN 10.0.0.5 1.2.3.4 3306 3306\r\n` to claim a trusted internal source IP, then submits MySQL queries over the same connection. The query-rule engine matches the forged `client_addr` against a privileged rule (for example one that pins an admin CIDR to the primary writer or exempts it from a public-traffic DDL block) and routes or authorizes the attacker's queries accordingly. …
Remediation: Vendor-released patch: ProxySQL 3.0.9. Upgrade any 2.0.0-3.0.8 build using the release at https://github.com/sysown/proxysql/releases/tag/v3.0.9 and see GHSA-gw94-85m2-x8v2 for advisory details. …

Recommended Action (AI)

24 hours: Identify all ProxySQL instances running versions 2.0.0-3.0.8 with network-accessible MySQL frontend ports; document current ACL enforcement points. …



EUVD-2026-38074 vulnerability details – vuln.today
