MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Itemfuncin::cleanup(), which is exploited via specially crafted SQL statements.