GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
SurrealDB Affected by Confused Deputy Privilege Escalation through Future Fields and Functions
High
GHSA-3v2x-9xcv-2v2v
was published
for
surrealdb
(Rust)
Jan 22, 2026
SurrealDB bypass of deny-net flags via redirect results in server-side request forgery (SSRF)
Moderate
GHSA-5q9x-554g-9jgg
was published
for
surrealdb
(Rust)
Apr 11, 2025
SurrealDB CPU exhaustion via custom functions result in total DoS
High
GHSA-pxw4-94j3-v9pf
was published
for
surrealdb
(Rust)
Apr 11, 2025
SurrealDB no JavaScript script function default timeout could facilitate DoS
Low
GHSA-3824-qmfq-2qv7
was published
for
surrealdb
(Rust)
Apr 11, 2025
SurrealDB memory exhaustion via string::replace using regex
High
GHSA-3633-g6mg-p6qq
was published
for
surrealdb
(Rust)
Apr 11, 2025
SurrealDB server-takeover via SurrealQL injection on backup import
Critical
GHSA-ccj3-5p93-8p42
was published
for
surrealdb
(Rust)
Apr 11, 2025
SurrealDB has local file read of 2-column TSV files via analyzers
Low
GHSA-2cvj-g5r5-jrrg
was published
for
surrealdb
(Rust)
Apr 10, 2025
SurrealDB vulnerable to memory exhaustion via nested functions and scripts
Moderate
GHSA-m7rc-8w7m-r9qr
was published
for
surrealdb
(Rust)
Apr 10, 2025
ProTip!
Advisories are also available from the
GraphQL API