Stats Digest Feeds
โ† Back to all CVEs

CVE-2024-58368

HIGH NVD
CVSS Score 7.5
Severity HIGH
Published Jul 18, 2026
Vendor unknown

Description

SurrealDB versions before 1.1.0 fail to properly parse the ID, DB, and NS headers in HTTP REST API requests containing special characters. Unauthenticated attackers can send crafted HTTP requests with malformed header values to trigger an uncaught exception that crashes the server.

References