Home
Home
Trends
Trends
Vulnerabilities
Vulnerabilities
News
News
Researchers
Researchers
Why dbugs?
Why dbugs?
Settings

Lucyegan

#30136of 54,871
8.8Total CVSS
Vulnerabilities · 1
PT-2026-60936
8.8
2023-12-15
Surrealdb · Surrealdb · CVE-2023-54366
**Name of the Vulnerable Software and Affected Versions** SurrealDB versions prior to 1.0.1 **Description** Default table permissions are set to FULL instead of NONE, which allows SELECT, CREATE, UPDATE, and DELETE operations on tables that lack explicit permissions. This allows attackers with database access or unauthenticated users on publicly exposed instances to perform unrestricted operations on unprotected tables within their authorization scope. **Recommendations** Update SurrealDB to version 1.0.1 or later.