PT-2026-60945 · Surrealdb · Surrealdb
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SurrealDB versions prior to 1.2.0
Description
An uncaught exception exists in the query executor when processing calls to built-in functions that do not exist. Authorized clients can trigger a panic that crashes the server by crafting pre-parsed queries that invoke these nonexistent functions.
Recommendations
Update SurrealDB to version 1.2.0 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Surrealdb