MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
{ "severity": "Critical", "cpes": [ "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*" ] }