Denial of Service Vulnerability in SurrealDB by SurrealDB Inc.
CVE-2024-58365

7.1HIGH

Key Information:

Vendor

Surrealdb

Status
Vendor
CVE Published:
18 July 2026

What is CVE-2024-58365?

SurrealDB versions prior to 1.2.0 are susceptible to an uncaught exception vulnerability in the query executor. This issue arises when authorized clients attempt to execute queries that reference nonexistent built-in functions, potentially leading to a server panic and subsequent crash. It is essential for users of SurrealDB to upgrade to version 1.2.0 or later to mitigate this vulnerability and ensure system stability.

Affected Version(s)

surrealdb 0 < 1.2.0

surrealdb 1.2.0

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

idofilus
.