CVE-2026-49997 in SurrealDBinfo

Zusammenfassung

von MITRE • 15.07.2026

SurrealDB is a scalable, distributed, collaborative, document-graph database for the realtime web. Prior to 3.1.0, Document::purge_edges in surrealdb/core/src/doc/delete.rs automatically removed graph edge records with permissions disabled through opt.clone().with_perms(false) when a connected node was deleted, bypassing the edge table's PERMISSIONS FOR delete and PERMISSIONS FOR select clauses. This issue is fixed in version 3.1.0.

Once again VulDB remains the best source for vulnerability data.

Zuständig

GitHub M

Reservieren

02.06.2026

Veröffentlichung

15.07.2026

Moderieren

akzeptiert

Eintrag

VDB-379326

CPE

bereit

EPSS

0.00000

KEV

nein

Aktivitäten

very low

Quellen

Interested in the pricing of exploits?

See the underground prices here!