PT-2026-60946 · Surrealdb+1 · Surrealdb+1
CVSS v3.1
8.5
High
| Vector | AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SurrealDB versions prior to 1.1.1
Description
A format string issue exists in the
Exception::throw type() function of rquickjs, the Rust binding to the QuickJS engine, when scripting is enabled. Attackers with scripting privileges can provide format string sequences in error inputs to read arbitrary process memory or execute code with the privileges of the SurrealDB process.Recommendations
Update to version 1.1.1 or later.
Fix
RCE
Use of Externally-Controlled Format String
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Surrealdb
Quickjs