surrealdb vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
GHSA-H5RG-8P7F-47G2Mediumsurrealdb: SurrealDB: SSRF via JWKS URL — Redirect Following in JWT Key FetchGHSA-XX7M-69FF-9CRPMediumsurrealdb: SurrealDB vulnerable to Denial of Service through scripting function memory edge caseGHSA-3V2X-9XCV-2V2VHighsurrealdb: SurrealDB Affected by Confused Deputy Privilege Escalation through Future Fields and FunctionsCVE-2025-11060MediumSurrealDB: SurrealDB is Vulnerable to Unauthorized Data Exposure via LIVE Query SubscriptionsGHSA-5Q9X-554G-9JGGMediumsurrealdb: SurrealDB bypass of deny-net flags via redirect results in server-side request forgery (SSRF)GHSA-PXW4-94J3-V9PFHighsurrealdb: SurrealDB CPU exhaustion via custom functions result in total DoSGHSA-3824-QMFQ-2QV7Lowsurrealdb: SurrealDB no JavaScript script function default timeout could facilitate DoSGHSA-3633-G6MG-P6QQHighsurrealdb: SurrealDB memory exhaustion via string::replace using regex GHSA-CCJ3-5P93-8P42Criticalsurrealdb: SurrealDB server-takeover via SurrealQL injection on backup importGHSA-2CVJ-G5R5-JRRGLowsurrealdb: SurrealDB has local file read of 2-column TSV files via analyzers GHSA-M7RC-8W7M-R9QRMediumsurrealdb: SurrealDB vulnerable to memory exhaustion via nested functions and scriptsGHSA-RQ86-9M6R-CM3GHighsurrealdb: SurrealDB has uncaught exception in Net module that leads to database crashGHSA-27VQ-HV74-7CQPLowsurrealdb: SurrealDB has Silent Failure to Overwrite Table Definition of Relation TypeGHSA-M52V-24P8-654FMediumsurrealdb: SurrealDB has an Uncaught Exception Sorting Tables by Random OrderGHSA-JC55-246C-R88FMediumsurrealdb: SurrealDB has an Uncaught Exception Handling Nonexistent RoleGHSA-H4F5-H82V-5W4RMediumsurrealdb: SurrealDB has an Uncaught Exception in Function Generating Random TimeGHSA-9722-9J67-VJCRHighsurrealdb: Improper Authorization in Select PermissionsGHSA-QJRV-V6QP-X99XHighsurrealdb: SurrealDB has an Uncaught Exception Handling Parsing Errors on Empty StringsGHSA-64F8-PJGR-9WMRHighsurrealdb: Untrusted Query Object Evaluation in RPC APIGHSA-GH9F-6XM2-C4J2Mediumsurrealdb: SurrealDB vulnerable to Improper Authentication when Changing Databases as Scope UserGHSA-Q3GG-M8HR-H4X4Highsurrealdb: Externally Controlled Format String in Scripting FunctionsGHSA-6WR5-JMPR-MJCXMediumsurrealdb: Uncaught Exception in Macro Expecting Native Function to ExistGHSA-8XFF-473H-F863Mediumsurrealdb: Uncaught Exception Handling Parsing Errors on Line TerminatorsGHSA-58J9-J2FJ-V8F4Highsurrealdb: SurrealDB vulnerable to Uncontrolled CPU Consumption via WebSocket InterfaceGHSA-6R8P-HPG7-825GMediumsurrealdb: Uncontrolled Recursion in SurrealQL Parsing

Stop the waste.
Protect your environment with Kodem.