Vulnerability in ProxySQL MySQL Proxy Affects Multiple Versions
CVE-2026-48772

10 CRITICAL

Key Information:

Vendor: Sysown

Status: Vendor

CVE Published: 19 June 2026

What is CVE-2026-48772?

A vulnerability in ProxySQL versions 2.0.0 through 3.0.8 affects MySQL and PostgreSQL traffic. The MySQL frontend improperly handles 'UNKNOWN' address fields in the PROXY protocol, allowing attackers to forge their source IP address. The flaw can lead to routing and ACL bypass, and through that to unauthorized access to sensitive database operations. If the default configuration allows all TCP peers, attackers can have their queries matched against rules based on the forged client address, undermining the intent of read-write splitting and query filtering mechanisms. Version 3.0.9 resolves this issue.
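For defenders reviewing their own PROXY protocol handling, the following added example (not ProxySQL's code and not the 3.0.9 patch) shows the receiver-side rule from the PROXY protocol v1 specification: after `UNKNOWN`, the rest of the line is ignored and the real TCP peer address is kept. The names `effective_client_ip`, `trusted_proxies` and `ProxyHeaderError` are hypothetical, and the header bytes are constructed samples.

```python
import ipaddress

MAX_V1_LEN = 107  # longest PROXY v1 line the spec allows, CRLF included
FAMILIES = {"TCP4": ipaddress.IPv4Address, "TCP6": ipaddress.IPv6Address}


class ProxyHeaderError(ValueError):
    """Header must not be honoured; the caller should close the connection."""


def effective_client_ip(peer_ip, header, trusted_proxies):
    """Return the client IP that ACLs and routing rules should be matched on.

    peer_ip is the real TCP peer, header the first line received (bytes),
    trusted_proxies the CIDRs allowed to send PROXY headers (assumed setting).
    """
    peer = ipaddress.ip_address(peer_ip)
    if not any(peer in ipaddress.ip_network(n) for n in trusted_proxies):
        raise ProxyHeaderError("PROXY header from untrusted peer")
    if len(header) > MAX_V1_LEN or not header.endswith(b"\r\n"):
        raise ProxyHeaderError("bad length or missing CRLF")
    try:
        fields = header[:-2].decode("ascii").split(" ")
    except UnicodeDecodeError:
        raise ProxyHeaderError("non-ASCII header") from None
    if len(fields) < 2 or fields[0] != "PROXY":
        raise ProxyHeaderError("missing PROXY signature")
    if fields[1] == "UNKNOWN":
        # Spec: ignore everything after UNKNOWN and keep the real endpoints,
        # so addresses supplied here can never reach rule matching.
        return str(peer)
    family = FAMILIES.get(fields[1])
    if family is None or len(fields) != 6:
        raise ProxyHeaderError("unsupported family or wrong field count")
    try:
        src, _dst = family(fields[2]), family(fields[3])
    except ValueError as exc:
        raise ProxyHeaderError(str(exc)) from None
    if not all(p.isdigit() and int(p) <= 65535 for p in fields[4:6]):
        raise ProxyHeaderError("bad port")
    return str(src)


# Constructed sample: trusted proxy 10.0.0.5 sends UNKNOWN plus address fields.
SAMPLE = b"PROXY UNKNOWN 192.0.2.10 10.0.0.1 40000 6033\r\n"
if __name__ == "__main__":
    print(effective_client_ip("10.0.0.5", SAMPLE, ["10.0.0.0/24"]))
```

The same function can back a regression test after upgrading: any header whose family is `UNKNOWN` must resolve to the socket's peer address, whatever follows on the line.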

Affected Version(s)

proxysql >= 2.0.0, < 3.0.9

CVSS V3.1

Score: 10
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
