Stats Digest Feeds
โ† Back to all CVEs

CVE-2024-58359

MEDIUM NVD
CVSS Score 6.5
Severity MEDIUM
Published Jul 18, 2026
Vendor unknown

Description

SurrealDB versions before 2.1.0 contain a denial of service vulnerability in the sorting mechanism when using ORDER BY rand() clause. Authorized clients can execute queries with ORDER BY rand() to trigger a panic in the sorting function, crashing the server.

References