Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Network-accessible with low-privilege auth required; limited C/I from unauthorized edge observation and deletion; no availability impact or scope change.
Primary rating from Vendor (https://github.com/surrealdb/surrealdb).
CVSS VectorVendor: https://github.com/surrealdb/surrealdb
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionCVE.org
In SurrealDB, records can be connected as a graph: a RELATE statement creates an edge record between two node records. If either endpoint node is deleted, SurrealDB automatically removes the edge row to keep the graph consistent.
A user with permission to delete a node could also delete the edges connected to that node, even when the edge table's PERMISSIONS FOR delete clause should have stopped them.
The automatic edge removal (Document::purge_edges) ran with permissions disabled (opt.clone().with_perms(false)), so the edge table's PERMISSIONS FOR delete and PERMISSIONS FOR select clauses were never consulted. The removal step could also observe edge state that the edge's SELECT clause should have hidden.
Impact
What an attacker can do:
- Delete any edge connected to a node they can delete, regardless of the edge table's
PERMISSIONS FOR deleteclause. - Observe edge contents that
PERMISSIONS FOR selectshould have hidden, as a side effect of the same edge-removal step.
What it can't do:
- Delete nodes on tables they do not hold
DELETEon (the edge removal only runs from an authorised node delete). - Cross namespace or database isolation boundaries.
- Escalate to root or operator-level privileges.
Patches
Document::purge_edges now propagates the caller's permission context into the edge removal. Each connected edge DELETE is evaluated against the edge table's PERMISSIONS FOR delete clause, matching a direct DELETE.
Versions 3.1.0 and later are not affected.
Workarounds
- Restrict node
DELETEpermission to principals trusted to delete all connected edge records. - Use namespace or database isolation as the primary boundary where edge-level
PERMISSIONSis load-bearing for multi-tenant separation.
AnalysisAI
SurrealDB's automatic graph edge cleanup mechanism bypasses edge-table permission clauses, allowing authenticated low-privilege users to delete edge records and observe hidden edge contents they are not authorized to access. When a node is deleted, the Document::purge_edges routine fires with permissions explicitly disabled (opt.clone().with_perms(false)), meaning the edge table's PERMISSIONS FOR delete and PERMISSIONS FOR select clauses are never consulted. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an active authenticated SurrealDB session with DELETE permission on at least one node table. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The NVD CVSS 3.1 score of 5.4 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) accurately reflects the limited-but-real impact: low-privilege authenticated network access, no interaction required, constrained confidentiality and integrity impact, no availability component, and no scope change. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An authenticated SurrealDB user with low-privilege DELETE access on a node table issues a `DELETE` statement against a node record. SurrealDB's automatic graph consistency routine fires and removes all connected edge records without consulting the edge table's permission clauses. … |
| Remediation | Upgrade SurrealDB to version 3.1.0 or later, which patches `Document::purge_edges` to propagate the caller's permission context so that each connected edge DELETE is evaluated against the edge table's `PERMISSIONS FOR delete` clause. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-285 – Improper Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44713
GHSA-whwg-vh4f-pmmf