# What's New in MariaDB Enterprise Server 10.6? {% hint style="info" %}

The most recent release of MariaDB Enterprise Server 10.6 is:

MariaDB Enterprise Server 10.6.25-21 Download Now

{% endhint %} MariaDB Enterprise Server 10.6 introduces the new features listed below. ## Atomic DDL DDL (Data Definition Language) statements are now atomic operations. If the DDL statement is not fully successful, the operation will be rolled back. When the server crashes or is killed in the middle of a DDL statement, the operation is rolled back during crash recovery when the server is restarted. During crash recovery, the server uses the DDL log to determine if an operation needs to be rolled back. When the [binary log](/docs/server/reference/data-types/string-data-types/binary.md) is enabled, the crash recovery process ensures that the successful operations are written to the binary log and that the unsuccessful operations are not. By default, the DDL log is at `ddl-recovery.log` in the [datadir](/docs/server/server-management/variables-and-modes/server-system-variables.md#datadir). When DDL statements are being executed, the DDL log is synchronized to disk very frequently. If you want to configure a custom path for the DDL log, the [log-ddl-recovery](/docs/server/server-management/starting-and-stopping-mariadb/mariadbd-options.md) option can be used. As of this release, the following storage engines fully support atomic DDL: * [Aria](https://app.gitbook.com/s/SsmexDFPv2xG2OTyO5yV/reference/storage-engines/aria) * [InnoDB](https://app.gitbook.com/s/SsmexDFPv2xG2OTyO5yV/reference/storage-engines/innodb) * [MyISAM](https://app.gitbook.com/s/SsmexDFPv2xG2OTyO5yV/reference/storage-engines/myisam-storage-engine) * [MyRocks](https://app.gitbook.com/s/SsmexDFPv2xG2OTyO5yV/reference/storage-engines/myrocks) ## SKIP LOCKED [SELECT \[ FOR UPDATE | LOCK IN SHARED MODE \] .. SKIP LOCKED](/docs/server/reference/sql-statements/data-manipulation/selecting-data/select.md) ignores already-locked rows. One use case for this feature is within applications that sell a limited resource, such as ticketing, rentals, or seat-based sales. In these applications, you need a way to display only the available inventory. This can be accomplished by querying available inventory and skipping locked rows. ```sql SELECT * FROM ticketing WHERE claimed = 0 AND section = 'B' ORDER BY row DESC LIMIT 10 FOR UPDATE SKIP LOCKED; ``` ## Enterprise Audit Object Filters [MariaDB Enterprise Audit](https://mariadb.com/resources/blog/mariadb-enterprise-audit-the-new-plugin) allows database-specific and table-specific filters. For example: ```json { "connect_event" : "ALL", "table_event" : ["READ","WRITE",{"ignore_tables" : "mysql.*"}], "query_event" : ["DDL",{"tables" : "test.t2"}] } ``` ## JSON\_TABLE [JSON\_TABLE()](/docs/server/reference/sql-functions/special-functions/json-functions/json_table.md) returns a table from JSON data. Queryable rows and columns are produced based on the JSON input, but are not stored in a table on disk. Column mappings are defined in a JSON path expression. Prior to this release, the [JSON\_VALUE()](/docs/server/reference/sql-functions/special-functions/json-functions/json_value.md) and [JSON\_QUERY()](/docs/server/reference/sql-functions/special-functions/json-functions/json_query.md) functions could be used to retrieve values from JSON data on a per-column basis. With `JSON_TABLE()`: * JSON data can `JOIN` with existing tables. * A table can be created from JSON data using [CREATE TABLE .. AS SELECT](/docs/server/server-usage/tables/create-table.md) against a `JSON_TABLE()`. * [NESTED PATH](/docs/server/reference/sql-functions/special-functions/json-functions/json_table.md) enables extraction of nested data from JSON arrays and objects. ## Sys Schema sys schema provides a set of views, functions, and stored procedures to aid DBA analysis of the [Performance Schema](/docs/server/reference/system-tables/performance-schema.md). ## OFFSET Syntax Additional syntax is supported for [SELECT .. OFFSET](/docs/server/reference/sql-statements/data-manipulation/selecting-data/select.md) `OFFSET start { ROW | ROWS } FETCH { FIRST | NEXT } [ count ] { ROW | ROWS } { ONLY | WITH TIES }` is an alternative to `LIMIT .. OFFSET` The `WITH TIES` option requires the use of `ORDER BY` and allows the number of rows to exceed the `FETCH` count to ensure that the final row in the chunk includes any additional rows that have the same values in the `ORDER BY` fields (eliminating the need to fetch the next chunk to check for spill-over). * For example, the following query can return more than 10 rows if there are more `username` rows that match the `username` in the 10th row (the order of the `purchase` values within the complete set of each username's records is non-deterministic): ```sql SELECT username, purchase FROM user_purchases ORDER BY username OFFSET 305 ROWS FETCH NEXT 10 ROW WITH TIES; ``` * For example, the following query specifies `ONLY` instead of `WITH TIES`, so the query can't return more than 10 rows: ```sql SELECT username, purchase FROM user_purchases ORDER BY username, purchase OFFSET 0 ROWS FETCH NEXT 10 ROWS ONLY; ``` ## Enhanced Consistency for Semi-sync Replication When [rpl\_semi\_sync\_slave\_enabled=ON](/docs/server/ha-and-performance/standard-replication/semisynchronous-replication.md#rpl_semi_sync_slave_enabled), consistency is guaranteed for a Primary server in an HA (Primary/Replica) topology when using semi-synchronous replication. Prior to this release, when using semi-synchronous replication, if a Primary crashed before sending a transaction to the Replica, on restart the Primary could recover incomplete InnoDB transactions when rejoining as a Replica. With this release, when using semi-synchronous replication and with `rpl_semi_sync_slave_enabled=ON`, incomplete transactions will be rolled-back on the Replica, ensuring the new Primary (former Replica) and new Replica (former Primary) remain in sync. ## Enhanced Compatibility with Oracle Expanded compatibility with Oracle through new functions: * Added function [ADD\_MONTHS()](/docs/server/reference/sql-functions/date-time-functions/add_months.md) * Added function [ROWNUM()](/docs/server/reference/sql-functions/secondary-functions/information-functions/rownum.md) * Added function [SYS\_GUID()](/docs/server/reference/sql-functions/secondary-functions/miscellaneous-functions/sys_guid.md) * Added function [TO\_CHAR()](/docs/server/reference/sql-functions/string-functions/to_char.md) Expanded compatibility with Oracle through [sql\_mode=ORACLE](/docs/server/server-management/variables-and-modes/sql_mode.md) enhancements: * With `sql_mode=ORACLE` added `MINUS` as an alias to `EXCEPT` * With `sql_mode=ORACLE` improved `SYSDATE` to allow use without parenthesis. * With `sql_mode=ORACLE` supports a [rownum](/docs/server/reference/sql-functions/secondary-functions/information-functions/rownum.md) pseudo-column name as an alias for the [ROWNUM()](/docs/server/reference/sql-functions/secondary-functions/information-functions/rownum.md) function. * With `sql_mode=ORACLE` subqueries in a `FROM` clause do not require the AS clause. ## Enhanced Compatibility with Sybase SQL Anywhere Enhanced compatibility with Sybase SQL Anywhere through \[sql\_mode=EXTENDED\_ALIASES] * With `sql_mode=EXTENDED_ALIASES`, alias resolution and use of column aliases in the SQL [SELECT](/docs/server/reference/sql-statements/data-manipulation/selecting-data/select.md) list and `WHERE` clause. * With `sql_mode=EXTENDED_ALIASES`, support use of an alias in the [SELECT](/docs/server/reference/sql-statements/data-manipulation/selecting-data/select.md) list before the alias is defined. * With `sql_mode=EXTENDED_ALIASES`, if the same label is used for an alias and a column, the alias is used. ## Backported Features [MariaDB Enterprise Server 10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) MariaDB Enterprise Server enables a predictable development and operations experience through an [enterprise lifecycle](/docs/release-notes/enterprise-server/about/enterprise-server-lifecycle.md). These new features have been backported after reaching maturity in MariaDB Community Server: * [mariadb-dump option --as-of](/docs/server/clients-and-utilities/backup-restore-and-import-clients/mariadb-dump.md) reads data as of specific timestamp from system-versioned tables. (MENT-1457) * Added [JSON\_EQUALS() function](https://app.gitbook.com/s/SsmexDFPv2xG2OTyO5yV/reference/sql-statements-and-structure/sql-statements/built-in-functions/special-functions/json-functions/json_equals) to check JSON equality. (MENT-1452) * Added [JSON\_NORMALIZE() function](https://app.gitbook.com/s/SsmexDFPv2xG2OTyO5yV/reference/sql-statements-and-structure/sql-statements/built-in-functions/special-functions/json-functions/json_normalize) to normalize JSON values. (MENT-1456) * Added [password\_reuse\_check password validation plugin](/docs/server/reference/plugins/password-validation-plugins/password-reuse-check-plugin.md). (MENT-1451) [MariaDB Enterprise Server 10.6.9-5](/docs/release-notes/enterprise-server/10.6/10.6.9-5.md) * The `UUID` data type has been backported from MariaDB Community Server 10.7 for more efficient storage of `UUID` values. ([MENT-1459](https://jira.mariadb.org/browse/MENT-1459)) [MariaDB Enterprise Server 10.6.11-6](/docs/release-notes/enterprise-server/10.6/10.6.11-6.md) * The new [slave\_max\_statement\_time system variable](/docs/server/ha-and-performance/standard-replication/replication-and-binary-log-system-variables.md) is available to set the maximum execution time for queries on replica nodes. ([MENT-1566](https://jira.mariadb.org/browse/MENT-1566), [MDEV-27161](https://jira.mariadb.org/browse/MDEV-27161)) * When a query takes more than `slave_max_statement_time` seconds to run on the replica (slave) node, the query is aborted, and replication stops with an error. * The system variable can be set to a decimal value, where the decimal component has microsecond precision. * When set to `0`, there is no timeout. * The default value is `0`. * To simplify maintenance, the [ALTER TABLE](/docs/server/reference/sql-statements/data-definition/alter/alter-table.md) statement supports new clauses to convert tables to partitions and partitions to tables. ([MENT-1454](https://jira.mariadb.org/browse/MENT-1454)) * To convert a partition to a table, use the `CONVERT PARTITION .. TO TABLE ..` clause: ```sql ALTER TABLE partitioned_table CONVERT PARTITION part1 TO TABLE normal_table; ``` * To convert a table to a partition, use the `CONVERT TABLE .. TO PARTITION ..` clause: ```sql ALTER TABLE partitioned_table CONVERT TABLE normal_table TO PARTITION part1 VALUES LESS THAN (12345); ``` * The new `CONVERT PARTITION` and `CONVERT TABLE` clauses are crash-safe operations. * The `EXCHANGE PARTITION` clause can still be used, but it is not a crash-safe operation. [MariaDB Enterprise Server 10.6.12-7](/docs/release-notes/enterprise-server/10.6/10.6.12-7.md) * In previous releases, the number of undo logs was configurable before InnoDB was initialized. With this release, the number of undo logs can also be configured after install. * The number of undo logs is configured by the InnoDB system variable `--innodb-undo-tablespaces`. * Splitting undo logs over multiple tablespaces can reduce the size of a single tablespace, especially the InnoDB system tablespace. * In previous releases, the number of undo logs had to be configured before InnoDB was initialized, so changing the number of undo logs would require setting up a new server instance. With this backport from MariaDB Community Server 10.11, the number of undo logs can be changed so it will take effect with the next server start. (MENT-1650) [MariaDB Enterprise Server 10.6.15-10](/docs/release-notes/enterprise-server/10.6/10.6.15-10.md) * [JSON\_OVERLAPS()](/docs/server/reference/sql-functions/special-functions/json-functions/json_overlaps.md) has been backported. ([MENT-1853](https://jira.mariadb.org/browse/MENT-1853)) * The `JSON_OVERLAPS()` function can be used to compare two JSON documents to determine if they have any key-value pairs or array elements in common. ```sql SELECT JSON_OVERLAPS('{"A": 1, "B": {"C":2}}', '{"A": 2, "B": {"C":2}}') AS is_overlap; ``` ``` +---------------------+ | is_overlap | +---------------------+ | 1 | +---------------------+ ``` * [JSON\_SCHEMA\_VALID()](/docs/server/reference/sql-functions/special-functions/json-functions/json_schema_valid.md) has been backported. ([MENT-1796](https://jira.mariadb.org/browse/MENT-1796)) * The `JSON_SCHEMA_VALID()` function can be used to validate a JSON document against a JSON schema, as documented by the [JSON Schema Draft 2020.](https://json-schema.org/draft/2020-12/release-notes) * This function can also be used in a `CHECK` constraint to verify that JSON documents are only stored in the database if they include required items and that the values are within a given range and length. [MariaDB Enterprise Server 10.6.16-11](/docs/release-notes/enterprise-server/10.6/10.6.16-11.md) * A new view `sys.privileges_by_table_by_level` in the sys schema, to show privileges granted to a table on a global, schema, or table level ([MENT-2007](https://jira.mariadb.org/browse/MENT-2007)) * Option s3\_debug can now be changed without the need to restart the server ([MENT-2001](https://jira.mariadb.org/browse/MENT-2001)) * New Time Zone Options `%Z` and `%z` for DATE\_FORMAT ([MENT-1902](https://jira.mariadb.org/browse/MENT-1902)) * Server Audit Log with Milliseconds Precision Timestamps ([MENT-1744](https://jira.mariadb.org/browse/MENT-1744)) [MariaDB Enterprise Server 10.6.19-15](/docs/release-notes/enterprise-server/10.6/10.6.19-15.md) * Starting with MariaDB Enterprise Server 10.6.19-15, the space occupied by freed pages within the InnoDB system tablespace can be reclaimed by adding an :autoshrink attribute to innodb\_data\_file\_path, like: (MENT-1304) ``` [mariadb] ... innodb_data_file_path=ibdata1:12M;ibdata2:50M:autoextend:autoshrink ``` This allows the system tablespace to be truncated after the last allocated page within it, all the way to the specified minimum size (here: 12MiB). In older release series InnoDB data files never shrink in size during normal operation. One could shrink .ibd files by rebuilding tables with OPTIMIZE TABLE, or the undo tablespace files by `SET GLOBAL innodb_undo_log_truncate=ON` * The function CONV() , which converts a number between numeric base systems, now supports conversions up to base 62. This allows conversions to encodings to capital letters A-Z, lower case letters a-z, and numbers 0-9. The old limit was 36, not including lower case letters. (MENT-2031) Example: ```sql SELECT CONV(61,10,36); ``` ``` +----------------+ | CONV(61,10,36) | +----------------+ | 1P | +----------------+ SELECT CONV(61,10,62); +----------------+ | CONV(61,10,62) | +----------------+ | z | +----------------+ ``` * The JSON functions JSON\_ARRAY\_INTERSECT, JSON\_OBJECT\_TO ARRAY, and JSON\_FILTER\_KEYS have been backported from later MariaDB Community Server Release Series to enhance the JSON function coverage in this MariaDB Enterprise Server release series. (MENT-1897) * The new JSON function JSON\_ARRAY\_INTERSECT(, ) is used to find the intersection between two JSON arrays. Example: ```sql SET @array1= '[1,2,3]'; SET @array2= '[1,2,4]'; SELECT json_array_intersect(@array1, @array2) AS result; ``` ``` +--------+ | result | +--------+ | [1, 2] | +--------+ ``` ```sql SET @json1= '[[1,2,3],[4,5,6],[1,1,1]]'; SET @json2= '[[1,2,3],[4,5,6],[1,3,2]]'; SELECT json_array_intersect(@json1, @json2) AS result; ``` ``` +------------------------+ | result | +------------------------+ | [[1, 2, 3], [4, 5, 6]] | +------------------------+ ``` * The new JSON function JSON\_OBJECT\_TO\_ARRAY(\) is used to convert all JSON objects found in a JSON document to JSON arrays where each item in the outer array represents a single key-value pair from the object.\ Example: ```sql SET @json1= '{ "a" : [1,2,3] , "b": {"key1": "val1", "key2": {"key3": "val3"}} }'; SELECT JSON_OBJECT_TO_ARRAY(@json1) AS result; ``` ``` +-----------------------------------------------------------------------+ | result | +-----------------------------------------------------------------------+ | [["a", [1, 2, 3]], ["b", {"key1": "val1", "key2": {"key3": "val3"}}]] | +-----------------------------------------------------------------------+ ``` Resulting arrays can be compared using JSON\_ARRAY\_INTERSECT(): ```sql SET @json1='{"a":[1,2,3],"b":{"key1":"val1","key2":{"key3":"val3"}}}'; SET @json2='{"a":[1,2,3]}'; SELECT JSON_OBJECT_TO_ARRAY(@json1) INTO @array1; SELECT JSON_OBJECT_TO_ARRAY(@json2) INTO @array2; SELECT JSON_ARRAY_INTERSECT(@array1,@array2) AS result; ``` ``` +--------------------+ | result | +--------------------+ | [["a", [1, 2, 3]]] | +--------------------+ ``` * The new JSON function JSON\_OBJECT\_FILTER\_KEYS(\,\) returns key/value pairs from a JSON string for keys defined in \.\ Example: ```sql SET @json1= '{ "a": 1, "b": 2, "c": 3}'; SELECT JSON_OBJECT_FILTER_KEYS (@json1, ' ["b", "c"] ') AS result; ``` ``` +------------------+ | result | +------------------+ | {"b": 2, "c": 3} | +------------------+ ``` By using JSON\_ARRAY\_INTERSECT() and JSON\_KEY() as arguments for JSON\_OBJECT\_FILTER\_KEYS(), a comparison of two JSON strings is possible where only the same keys are compared, not the key/value pairs.\ Example (only show key/value pairs of json1 where the key exists in json2): ```sql SET @json1= '{ "a": 1, "b": 2, "c": 3}'; SET @json2= '{"b" : 10, "c": 20, "d": 30}'; SELECT JSON_OBJECT_FILTER_KEYS (@json1, json_array_intersect(json_keys(@json1), json_keys(@json2))) AS result; ``` ``` +------------------+ | result | +------------------+ | {"b": 2, "c": 3} | +------------------+ ``` * The new JSON function JSON\_KEY\_VALUE(\,\) extracts key/value pairs from a JSON object. The JSON path parameter is used to only return key/value pairs for matching JSON objects. (MENT-1896) Example: ```sql SELECT JSON_KEY_VALUE('[[1, {"key1":"val1", "key2":"val2"}, 3], 2, 3]', '$[0][1]'); ``` ``` +-----------------------------------------------------------------------------+ | JSON_KEY_VALUE('[[1, {"key1":"val1", "key2":"val2"}, 3], 2, 3]', '$[0][1]') | +-----------------------------------------------------------------------------+ | [{"key": "key1", "value": "val1"}, {"key": "key2", "value": "val2"}] | +-----------------------------------------------------------------------------+ ``` The function JSON\_KEY\_VALUE() can be used as an argument to JSON\_TABLE(), which allows adding the key to a result set.\ Example: ```sql SELECT jt.* FROM JSON_TABLE( JSON_KEY_VALUE('[[1, {"key1":"val1", "key2":"val2"}, 3], 2, 3]', '$[0][1]'),'$[*]' COLUMNS ( k VARCHAR(20) PATH '$.KEY', v VARCHAR(20) PATH '$.value', id FOR ORDINALITY )) AS jt; ``` ``` +------+------+------+ | k | v | id | +------+------+------+ | key1 | val1 | 1 | | key2 | val2 | 2 | +------+------+------+ ``` [MariaDB Enterprise Server 10.6.20-16](/docs/release-notes/enterprise-server/10.6/10.6.20-16.md) * New, Detailed Replication Lag Representation (MENT-2095) * The Seconds\_Behind\_Master field of SHOW REPLICA STATUS can be complex and confusing, especially when parallel replication, delayed replication, or the option sql\_slave\_skip\_counter is used. To help provide a consistent view of replication lag, three new fields have been added to the statement's output to provide specific timing information about the state of the IO and SQL threads. * Three new values have been added to the replica status: * `Master_last_event_time` * Timestamp of the last event read from the primary by the IO thread * `Slave_last_event_time` * Timestamp from the primary of the last event committed on the replica * `Master_Slave_time_diff` * The difference of the above two timestamps * New Information Schema Table For Password Related Data (MENT-2145)\ A new information Schema view, USERS, has been added, which DBAs can use to get insights about password related information for a user. This information can be used: * by an application to inform a user about a password about to expire or an account which is at risk of being blocked due to the number of wrong passwords entered * by DBAs to query users which have been blocked because of too many invalid passwords entered * The new view includes the fields: * `USER` – A string including user name and host * `PASSWORD_ERRORS` – A counter with the current number of wrong passwords entered * Reset to 0 when a correct password has been entered * An account is blocked, if `max_password_errors` is reached * `NULL` for accounts with privilege `CONNECTION ADMIN` * `PASSWORD_EXPIRATION_TIME` – The date and time when the password expires or NULL, if the password never expires * GTID binlog events now include the thread ID (MENT-2180) * The thread ID and the corresponding statement can now be retrieved from binary logs * The output of mariadb-binlog also includes the thread ID [MariaDB Enterprise Server 10.6.24-20](/docs/release-notes/enterprise-server/10.6/10.6.24-20.md) * Two new fields are available via `SHOW REPLICA STATUS` ([MENT-2129](https://jira.mariadb.org/browse/MENT-2129)) 1. `Connects_Tried`, which provides the number of attempts the replica has made to connect to the primary, and 2. `Master_Retry_Count`, which provides the number of times the replica will attempt to connect to a primary before giving up. * Add the server option `--replicate-rewrite-db` to system variables and SHOW REPLICA STATUS (backport of MDEV-15530) ([MENT-2421](https://jira.mariadb.org/browse/MENT-2421)) * The authentication plugin `caching_sha2_password` has been added, not loaded by default ([MDEV-37600](https://jira.mariadb.org/browse/MDEV-37600)) ## Security Vulnerabilities (CVE) Fixed in MariaDB Enterprise Server 10.6 For a complete list of security vulnerabilities (CVE) fixed across all versions of MariaDB Enterprise Server, see the [Security Vulnerabilities Fixed in MariaDB Enterprise Server](/docs/server/security/cve/enterprise-server.md) page. | CVE ID (with cve.org link) | CVSS base score | Enterprise Server 10.6 Release | | ----------------------------------------------------------------- | ----------------------------------- | ---------------------------------------------------------------------- | | [CVE-2026-21968](https://www.cve.org/CVERecord?id=CVE-2026-21968) | 6.5 | [10.6.24-20](/docs/release-notes/enterprise-server/10.6/10.6.24-20.md) | | [CVE-2025-30693](https://www.cve.org/CVERecord?id=CVE-2025-30693) | 5.5 | [10.6.22-18](/docs/release-notes/enterprise-server/10.6/10.6.22-18.md) | | [CVE-2023-52969](https://www.cve.org/CVERecord?id=CVE-2023-52969) | 4.9 | [10.6.22-18](/docs/release-notes/enterprise-server/10.6/10.6.22-18.md) | | [CVE-2023-52970](https://www.cve.org/CVERecord?id=CVE-2023-52970) | 4.9 | [10.6.22-18](/docs/release-notes/enterprise-server/10.6/10.6.22-18.md) | | [CVE-2025-21490](https://www.cve.org/CVERecord?id=CVE-2025-21490) | 4.9 | [10.6.21-17](/docs/release-notes/enterprise-server/10.6/10.6.21-17.md) | | [CVE-2024-21096](https://www.cve.org/CVERecord?id=CVE-2024-21096) | 4.9 | [10.6.18-14](/docs/release-notes/enterprise-server/10.6/10.6.18-14.md) | | [CVE-2023-22084](https://www.cve.org/CVERecord?id=CVE-2023-22084) | 4.9 | [10.6.16-11](/docs/release-notes/enterprise-server/10.6/10.6.16-11.md) | | [CVE-2022-47015](https://www.cve.org/CVERecord?id=CVE-2022-47015) | N/A (Medium) [#1](#id-1) | [10.6.12-8](/docs/release-notes/enterprise-server/10.6/10.6.12-8.md) | | [CVE-2023-5157](https://www.cve.org/CVERecord?id=CVE-2023-5157) | 7.5 | [10.6.9-5](/docs/release-notes/enterprise-server/10.6/10.6.9-5.md) | | [CVE-2018-25032](https://www.cve.org/CVERecord?id=CVE-2018-25032) | 7.5 | [10.6.9-5](/docs/release-notes/enterprise-server/10.6/10.6.9-5.md) | | [CVE-2022-32091](https://www.cve.org/CVERecord?id=CVE-2022-32091) | 6.5 | [10.6.9-5](/docs/release-notes/enterprise-server/10.6/10.6.9-5.md) | | [CVE-2022-32089](https://www.cve.org/CVERecord?id=CVE-2022-32089) | 6.5 | [10.6.9-5](/docs/release-notes/enterprise-server/10.6/10.6.9-5.md) | | [CVE-2022-32084](https://www.cve.org/CVERecord?id=CVE-2022-32084) | 6.5 | [10.6.9-5](/docs/release-notes/enterprise-server/10.6/10.6.9-5.md) | | [CVE-2022-32082](https://www.cve.org/CVERecord?id=CVE-2022-32082) | 6.5 | [10.6.9-5](/docs/release-notes/enterprise-server/10.6/10.6.9-5.md) | | [CVE-2022-32081](https://www.cve.org/CVERecord?id=CVE-2022-32081) | 6.5 | [10.6.9-5](/docs/release-notes/enterprise-server/10.6/10.6.9-5.md) | | [CVE-2022-27458](https://www.cve.org/CVERecord?id=CVE-2022-27458) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27457](https://www.cve.org/CVERecord?id=CVE-2022-27457) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27456](https://www.cve.org/CVERecord?id=CVE-2022-27456) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27455](https://www.cve.org/CVERecord?id=CVE-2022-27455) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27452](https://www.cve.org/CVERecord?id=CVE-2022-27452) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27451](https://www.cve.org/CVERecord?id=CVE-2022-27451) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27449](https://www.cve.org/CVERecord?id=CVE-2022-27449) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27448](https://www.cve.org/CVERecord?id=CVE-2022-27448) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27447](https://www.cve.org/CVERecord?id=CVE-2022-27447) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27446](https://www.cve.org/CVERecord?id=CVE-2022-27446) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27445](https://www.cve.org/CVERecord?id=CVE-2022-27445) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27444](https://www.cve.org/CVERecord?id=CVE-2022-27444) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27387](https://www.cve.org/CVERecord?id=CVE-2022-27387) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27386](https://www.cve.org/CVERecord?id=CVE-2022-27386) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27384](https://www.cve.org/CVERecord?id=CVE-2022-27384) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27383](https://www.cve.org/CVERecord?id=CVE-2022-27383) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27382](https://www.cve.org/CVERecord?id=CVE-2022-27382) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27381](https://www.cve.org/CVERecord?id=CVE-2022-27381) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27380](https://www.cve.org/CVERecord?id=CVE-2022-27380) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27379](https://www.cve.org/CVERecord?id=CVE-2022-27379) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27378](https://www.cve.org/CVERecord?id=CVE-2022-27378) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27377](https://www.cve.org/CVERecord?id=CVE-2022-27377) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-27376](https://www.cve.org/CVERecord?id=CVE-2022-27376) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-21451](https://www.cve.org/CVERecord?id=CVE-2022-21451) | 7.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-32088](https://www.cve.org/CVERecord?id=CVE-2022-32088) | 6.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-32087](https://www.cve.org/CVERecord?id=CVE-2022-32087) | 6.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-32086](https://www.cve.org/CVERecord?id=CVE-2022-32086) | 6.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-32085](https://www.cve.org/CVERecord?id=CVE-2022-32085) | 6.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2022-32083](https://www.cve.org/CVERecord?id=CVE-2022-32083) | 6.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2021-46669](https://www.cve.org/CVERecord?id=CVE-2021-46669) | 6.5 | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | | [CVE-2021-46668](https://www.cve.org/CVERecord?id=CVE-2021-46668) | 5.5 | [10.6.7-3](/docs/release-notes/enterprise-server/10.6/10.6.7-3.md) | | [CVE-2021-46665](https://www.cve.org/CVERecord?id=CVE-2021-46665) | 5.5 | [10.6.7-3](/docs/release-notes/enterprise-server/10.6/10.6.7-3.md) | | [CVE-2021-46664](https://www.cve.org/CVERecord?id=CVE-2021-46664) | 5.5 | [10.6.7-3](/docs/release-notes/enterprise-server/10.6/10.6.7-3.md) | | [CVE-2021-46663](https://www.cve.org/CVERecord?id=CVE-2021-46663) | 5.5 | [10.6.7-3](/docs/release-notes/enterprise-server/10.6/10.6.7-3.md) | | [CVE-2021-46661](https://www.cve.org/CVERecord?id=CVE-2021-46661) | 5.5 | [10.6.7-3](/docs/release-notes/enterprise-server/10.6/10.6.7-3.md) | | [CVE-2021-46659](https://www.cve.org/CVERecord?id=CVE-2021-46659) | 5.5 | [10.6.7-3](/docs/release-notes/enterprise-server/10.6/10.6.7-3.md) | | [CVE-2022-21595](https://www.cve.org/CVERecord?id=CVE-2022-21595) | 4.4 | [10.6.7-3](/docs/release-notes/enterprise-server/10.6/10.6.7-3.md) | | [CVE-2022-27385](https://www.cve.org/CVERecord?id=CVE-2022-27385) | 7.5 | [10.6.5-2](/docs/release-notes/enterprise-server/10.6/10.6.5-2.md) | | [CVE-2021-46667](https://www.cve.org/CVERecord?id=CVE-2021-46667) | 7.5 | [10.6.5-2](/docs/release-notes/enterprise-server/10.6/10.6.5-2.md) | | [CVE-2022-31624](https://www.cve.org/CVERecord?id=CVE-2022-31624) | 6.5 | [10.6.5-2](/docs/release-notes/enterprise-server/10.6/10.6.5-2.md) | | [CVE-2021-46662](https://www.cve.org/CVERecord?id=CVE-2021-46662) | 5.5 | [10.6.5-2](/docs/release-notes/enterprise-server/10.6/10.6.5-2.md) | | [CVE-2021-46658](https://www.cve.org/CVERecord?id=CVE-2021-46658) | 5.5 | [10.6.4-1](/docs/release-notes/enterprise-server/10.6/10.6.4-1.md) | #### #1: MariaDB CVEs are assigned a word rating instead of a CVSS base score. See the [MariaDB Engineering Policy](https://mariadb.com/engineering-policies/) for details. ## Available Versions | Version | Release Date | Release Status | | ---------------------------------------------------------------------- | ------------ | -------------- | | [10.6.25-21](/docs/release-notes/enterprise-server/10.6/10.6.25-21.md) | 2026-03-17 | Stable (GA) | | [10.6.24-20](/docs/release-notes/enterprise-server/10.6/10.6.24-20.md) | 2025-12-11 | Stable (GA) | | [10.6.23-19](/docs/release-notes/enterprise-server/10.6/10.6.23-19.md) | 2025-09-08 | Stable (GA) | | [10.6.22-18](/docs/release-notes/enterprise-server/10.6/10.6.22-18.md) | 2025-06-11 | Stable (GA) | | [10.6.21-17](/docs/release-notes/enterprise-server/10.6/10.6.21-17.md) | 2025-03-19 | Stable (GA) | | [10.6.20-16](/docs/release-notes/enterprise-server/10.6/10.6.20-16.md) | 2024-12-10 | Stable (GA) | | [10.6.19-15](/docs/release-notes/enterprise-server/10.6/10.6.19-15.md) | 2024-09-09 | Stable (GA) | | [10.6.18-14](/docs/release-notes/enterprise-server/10.6/10.6.18-14.md) | 2024-06-11 | Stable (GA) | | [10.6.17-13](/docs/release-notes/enterprise-server/10.6/10.6.17-13.md) | 2024-04-24 | Stable (GA) | | [10.6.17-12](/docs/release-notes/enterprise-server/10.6/10.6.17-12.md) | 2024-03-11 | Stable (GA) | | [10.6.16-11](/docs/release-notes/enterprise-server/10.6/10.6.16-11.md) | 2023-12-12 | Stable (GA) | | [10.6.15-10](/docs/release-notes/enterprise-server/10.6/10.6.15-10.md) | 2023-09-11 | Stable (GA) | | [10.6.14-9](/docs/release-notes/enterprise-server/10.6/10.6.14-9.md) | 2023-06-13 | Stable (GA) | | [10.6.12-8](/docs/release-notes/enterprise-server/10.6/10.6.12-8.md) | 2023-05-24 | Stable (GA) | | [10.6.12-7](/docs/release-notes/enterprise-server/10.6/10.6.12-7.md) | 2023-03-13 | Stable (GA) | | [10.6.11-6](/docs/release-notes/enterprise-server/10.6/10.6.11-6.md) | 2022-12-21 | Stable (GA) | | [10.6.9-5](/docs/release-notes/enterprise-server/10.6/10.6.9-5.md) | 2022-09-12 | Stable (GA) | | [10.6.8-4](/docs/release-notes/enterprise-server/10.6/10.6.8-4.md) | 2022-06-13 | Stable (GA) | | [10.6.7-3](/docs/release-notes/enterprise-server/10.6/10.6.7-3.md) | 2022-03-14 | Stable (GA) | | [10.6.5-2](/docs/release-notes/enterprise-server/10.6/10.6.5-2.md) | 2021-12-13 | Stable (GA) | | [10.6.4-1](/docs/release-notes/enterprise-server/10.6/10.6.4-1.md) | 2021-08-26 | Stable (GA) | See also: [All MariaDB Enterprise Releases](/docs/release-notes/enterprise-server/all-releases.md) ## Installation Instructions * [Deploy MariaDB Enterprise with Repositories](/docs/server/server-management/install-and-upgrade-mariadb/mariadb-package-repository-setup-and-usage.md) * [Deploy MariaDB Enterprise with Package Tarballs](/docs/server/server-management/install-and-upgrade-mariadb/installing-mariadb/binary-packages/package-tarballs.md) * [Deploy MariaDB Enterprise with Docker](/docs/server/server-management/automated-mariadb-deployment-and-administration/docker-and-mariadb/deploy-mariadb-enterprise-server-with-docker.md) ## Upgrade Instructions * [Upgrade to MariaDB Enterprise Server 10.6](/docs/server/server-management/install-and-upgrade-mariadb/installing-enterprise-server/upgrade-paths/mariadb-enterprise-server-10.6/upgrade-to-mariadb-enterprise-server-10.6.md) *This page is: Copyright © 2025 MariaDB. All rights reserved.* {% @marketo/form formid="4316" formId="4316" %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://mariadb.com/docs/release-notes/enterprise-server/10.6/whats-new.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.