PatchSiren cyber security CVE debrief
CVE-2024-58363 surrealdb CVE debrief
CVE-2024-58363 is a medium-severity vulnerability in SurrealDB, a database management system. The issue arises from improper authentication validation when a user switches databases using the USE clause or use method. An attacker with an authenticated session can impersonate an unrelated user in a different database if a user record with an identical identifier exists. This can lead to unauthorized actions if permissions rely solely on the $auth parameter.
- Vendor
- surrealdb
- Product
- Unknown
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-18
- Original CVE updated
- 2026-07-18
- Advisory published
- 2026-07-18
- Advisory updated
- 2026-07-18
Who should care
Users of SurrealDB, especially those who rely on database switching and user authentication, should be aware of this vulnerability. Developers and administrators of applications using SurrealDB should assess their exposure and take necessary actions to mitigate the risk.
Technical summary
The vulnerability exists in SurrealDB versions before 1.5.4. When a user switches databases using the USE clause or use method, the system fails to properly validate authentication. This allows an attacker with an authenticated session to impersonate another user in a different database, provided that user has the same identifier. The impact is significant if access control relies solely on the $auth parameter, as it could lead to unauthorized actions.
Defensive priority
Medium priority should be given to patching SurrealDB installations, as the vulnerability can be exploited by authenticated users. Immediate action is recommended for environments where database switching and user impersonation could lead to significant security risks.
Recommended defensive actions
- Patch SurrealDB to version 1.5.4 or later
- Review and update authentication and authorization mechanisms
- Monitor for suspicious database switching activity
- Implement additional access controls beyond $auth parameter if necessary
- Confirm whether affected SurrealDB deployments exist in managed environments and assign an owner for follow-up.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The CVE record was published on 2026-07-18T14:17:09.187Z and has not been modified since then. The NVD entry is currently in the 'Received' status. Limited details are available about the specific conditions and potential mitigations beyond patching.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-18T14:17:09.187Z and has not been modified since then. The NVD entry is currently Received.