CVE-2025-71391
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
Jul 18, 2026
Vendor
unknown
Description
SurrealDB versions before 2.2.2 contain an uncaught exception vulnerability in the net module that allows authenticated users to crash the database. Attackers can send crafted HTTP queries containing null bytes to the /sql endpoint, causing an unhandled exception that crashes the SurrealDB instance and any dependent applications.