A vulnerability was found in MariaDB Server 3.3.18/3.4.8 . It has been declared as critical . This impacts the function mysql_real_escape_string . The manipulation results in sql injection. This vulnerability was named CVE-2026-44172 . The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.