目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

surrealdb 厂商漏洞列表 / CVE 中文分析 26

surrealdb 厂商相关 26 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

本页聚合了关于 SurrealDB 的安全漏洞信息,主要涵盖数据库远程代码执行、注入攻击及身份验证绕过等关键风险。收录范围包含该厂商产品自公开以来的各类安全通告与历史漏洞数据。通过本页内容,您可以高效追踪 SurrealDB 的最新安全动态,深入分析其系统架构中的潜在弱点,并快速检索特定版本的历史漏洞详情,以便评估风险并及时采取修复措施,保障部署环境的安全稳定。

上位製品 surrealdb: surrealdb
CVE IDタイトルCVSS深刻度公開日
CVE-2025-71398 SurrealDB before 2.2.2 SSRF via HTTP Redirect Bypass — surrealdbCWE-918--2026-07-18
CVE-2025-71397 SurrealDB before 2.2.2 CPU Exhaustion via nested FOR loops — surrealdbCWE-835--2026-07-18
CVE-2025-71395 SurrealDB before 2.2.2 Memory Exhaustion via string::replace — surrealdbCWE-789--2026-07-18
CVE-2025-71396 SurrealDB before 2.2.2 Denial of Service via JavaScript Scripting — surrealdbCWE-770--2026-07-18
CVE-2025-71394 SurrealDB before 2.2.2 Local File Read via DEFINE ANALYZER — surrealdbCWE-22--2026-07-18
CVE-2025-71393 SurrealDB before 2.2.2 Memory Exhaustion via Nested Functions — surrealdbCWE-674--2026-07-18
CVE-2025-71392 SurrealDB before 2.2.2 SurrealQL Injection via export — surrealdbCWE-77--2026-07-18
CVE-2025-71391 SurrealDB before 2.2.2 Denial of Service via /sql endpoint — surrealdbCWE-248--2026-07-18
CVE-2025-71390 SurrealDB before 2.3.6 deny-net Bypass via DNS Resolution — surrealdbCWE-863--2026-07-18
CVE-2024-58370 SurrealDB before 1.1.0 Uncontrolled Recursion Denial of Service — surrealdbCWE-674 6.5 Medium2026-07-18
CVE-2024-58369 SurrealDB before 1.1.1 Denial of Service via Global Parameters — surrealdbCWE-248 6.5 Medium2026-07-18
CVE-2024-58368 SurrealDB before 1.1.0 Denial of Service via HTTP Headers — surrealdbCWE-248 7.5 High2026-07-18
CVE-2024-58367 SurrealDB before 2.0.4 Improper Authorization via SELECT Permissions — surrealdbCWE-285--2026-07-18
CVE-2024-58366 SurrealDB before 1.1.1 Format String via Scripting Functions — surrealdbCWE-134 8.5 High2026-07-18
CVE-2024-58365 SurrealDB before 1.2.0 Denial of Service via Nonexistent Function — surrealdbCWE-248 6.5 Medium2026-07-18
CVE-2024-58364 SurrealDB before 1.2.1 Denial of Service via Parsing Error — surrealdbCWE-248 6.5 Medium2026-07-18
CVE-2024-58363 SurrealDB before 1.5.4 Authentication Bypass via Database Switch — surrealdbCWE-287 6.3 Medium2026-07-18
CVE-2024-58362 SurrealDB before 1.5.5 Query Injection via RPC API — surrealdbCWE-75 8.8 High2026-07-18
CVE-2024-58361 SurrealDB before 2.0.4 Denial of Service via Parser Exception — surrealdbCWE-248 6.5 Medium2026-07-18
CVE-2024-58359 SurrealDB before 2.1.0 Denial of Service via rand() Sorting — surrealdbCWE-248 6.5 Medium2026-07-18
CVE-2024-58357 SurrealDB before 2.1.0 Denial of Service via rand::time() — surrealdbCWE-248 6.5 Medium2026-07-18
CVE-2024-58358 SurrealDB before 2.1.0 Denial of Service via Nonexistent Role — surrealdbCWE-248 4.9 Medium2026-07-18
CVE-2024-58356 SurrealDB before 2.1.4 Permission Bypass via DEFINE TABLE OVERWRITE — surrealdbCWE-276--2026-07-18
CVE-2023-54366 SurrealDB before 1.0.1 Insecure Default Table Permissions — surrealdbCWE-276 8.8 High2026-07-18
CVE-2026-63309 SurrealDB < 3.1.5 Information Disclosure via ORDER BY — surrealdbCWE-863 4.3 Medium2026-07-17
CVE-2026-49997 SurrealDB: Edge PERMISSIONS FOR delete bypassed when a connected node is deleted — surrealdbCWE-285 5.4 Medium2026-07-15

本页汇总了 surrealdb 厂商截至目前公开的全部 26 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。