Skip to main content

Surrealdb

1 CVEs product

Monthly

CVE-2026-63309 MEDIUM PATCH This Month

SurrealDB versions 3.0.0 through 3.1.4 expose a query-planner authorization bypass that allows authenticated record users to infer the relative sort order of field values protected by field-level SELECT permissions. By issuing ORDER BY queries against indexed restricted fields, an attacker with normal table SELECT access can observe that rows are returned in the hidden field's true sorted order even though the field value itself is correctly redacted to null at projection time. No public exploit has been identified at time of analysis, and CISA KEV has not listed this vulnerability; however, the attack surface is inherent to any indexed field protected by field-level permissions in affected versions.

Authentication Bypass Surrealdb
NVD GitHub
CVSS 4.0
5.3
CVSS 5.3
MEDIUM PATCH This Month

SurrealDB versions 3.0.0 through 3.1.4 expose a query-planner authorization bypass that allows authenticated record users to infer the relative sort order of field values protected by field-level SELECT permissions. By issuing ORDER BY queries against indexed restricted fields, an attacker with normal table SELECT access can observe that rows are returned in the hidden field's true sorted order even though the field value itself is correctly redacted to null at projection time. No public exploit has been identified at time of analysis, and CISA KEV has not listed this vulnerability; however, the attack surface is inherent to any indexed field protected by field-level permissions in affected versions.

Authentication Bypass Surrealdb
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy