CVE-2026-47847

Name of the Vulnerable Software and Affected Versions Bitnami MariaDB Galera container image versions 10.6.x prior to 10.6.27-photon-5-r0 Bitnami MariaDB Galera container image versions 10.11.x prior to 10.11.17-photon-5-r1 Bitnami MariaDB Galera container image versions 11.4.x prior to 11.4.12-photon-5-r0 Bitnami MariaDB Galera container image versions 11.8.x prior to 11.8.7-photon-5-r1 Bitnami MariaDB Galera container image versions 12.3.x prior to 12.3.2-photon-5-r0 / 12.3.2-debian-12-r0 Bitnami MariaDB Galera Helm chart versions prior to 18.3.0

Description Hardcoded default credentials exist for the Galera replication health-check user. The environment variables MARIADB REPLICATION USER and MARIADB REPLICATION PASSWORD both default to "monitor". This user is granted REPLICATION CLIENT privileges from any host ('%'). Because the Helm chart did not expose parameters to configure these credentials, all deployments used these known defaults. A remote attacker with network access to the MariaDB port can authenticate using these credentials to query replication topology and status information.

Recommendations Update container image 10.6.x to 10.6.27-photon-5-r0 or later. Update container image 10.11.x to 10.11.17-photon-5-r1 or later. Update container image 11.4.x to 11.4.12-photon-5-r0 or later. Update container image 11.8.x to 11.8.7-photon-5-r1 or later. Update container image 12.3.x to 12.3.2-photon-5-r0 / 12.3.2-debian-12-r0 or later. Update Helm chart to version 18.3.0 or later.