PatchSiren cyber security CVE debrief
CVE-2024-58359 surrealdb CVE debrief
A denial of service vulnerability exists in SurrealDB versions before 2.1.0. The vulnerability is triggered when using the ORDER BY rand() clause, which can cause a panic in the sorting function, resulting in a server crash. This issue can be exploited by authorized clients executing specific queries. The vulnerability has a CVSS score of 7.1 and is rated as HIGH. Users of SurrealDB versions before 2.1.0 should be aware of this vulnerability and take necessary precautions to prevent exploitation.
- Vendor
- surrealdb
- Product
- Unknown
- CVSS
- HIGH 7.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-18
- Original CVE updated
- 2026-07-18
- Advisory published
- 2026-07-18
- Advisory updated
- 2026-07-18
Who should care
Users of SurrealDB versions before 2.1.0, operators, platform administrators, vulnerability management teams, and security teams should be aware of this vulnerability and take necessary precautions to prevent exploitation.
Technical summary
The vulnerability is caused by a flaw in the sorting mechanism of SurrealDB when using the ORDER BY rand() clause. This can lead to a panic in the sorting function, causing the server to crash. The issue is rated as HIGH with a CVSS score of 7.1. The vulnerability affects SurrealDB versions before 2.1.0. Authorized clients can execute queries with ORDER BY rand() to trigger a panic in the sorting function.
Defensive priority
High priority should be given to updating SurrealDB to version 2.1.0 or later. In the meantime, restricting access to authorized clients and monitoring server activity can help mitigate the risk.
Recommended defensive actions
- Update SurrealDB to version 2.1.0 or later
- Restrict access to authorized clients
- Monitor server activity for suspicious queries
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-07-18T14:17:08.780Z and has not been modified since then. The NVD entry is currently in the 'Received' status. This information is based on the provided source corpus. Further verification is recommended to confirm the accuracy of this information.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-18T14:17:08.780Z and has not been modified since then. The NVD entry is currently in the 'Received' status.