CVE-2025-13699: MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability
Published Nov 28, 2025
·Updated
MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability
Affected Software
4 affected componentsFixes available
MariaDB MariaDB
MariaDB MariaDB
Microsoft cbl2 mariadb 10.6.21-1
Microsoft azl3 mariadb 10.11.11-1
Event History
Nov 28, 2025
Data Sourced
via Red Hat·12:44 PM
DescriptionSeverityAffected Software
Dec 23, 2025
CVE Published
via MITRE·09:40 PM
Data Sourced
via MITRE·09:40 PM
DescriptionSeverityWeakness
Advisory Published
via ZDI·09:44 PM
Data Sourced
via ZDI·09:44 PM
DescriptionSeverityAffected Software
Data Sourced
via NVD·10:15 PM
DescriptionSeverityWeakness
Dec 27, 2025
Data Sourced
via Microsoft·01:01 AM
DescriptionSeverityWeaknessAffected Software
Updated
via Microsoft·01:01 AM
DescriptionSeverity
Updated
via Microsoft·01:01 AM
Affected Software
Frequently Asked Questions
1
What is the severity of CVE-2025-13699?
CVE-2025-13699 is classified as a critical severity vulnerability that allows remote code execution.
2
How do I fix CVE-2025-13699?
To mitigate CVE-2025-13699, update MariaDB to the latest version that addresses this vulnerability.
3
What are the potential impacts of CVE-2025-13699?
Exploitation of CVE-2025-13699 can lead to unauthorized access and execution of arbitrary code on affected MariaDB systems.
4
Who is affected by CVE-2025-13699?
CVE-2025-13699 affects installations of the MariaDB database server that utilize the mariadb-dump utility.
5
Is there a workaround for CVE-2025-13699?
Currently, the recommended approach is to apply updates, as no specific workarounds have been detailed for CVE-2025-13699.