Lucene search
+L

5 matches found

NVD
NVD
added yesterday9 views

CVE-2025-71394

SurrealDB versions before 2.2.2 contain a local file read vulnerability in the DEFINE ANALYZER statement that allows authenticated users to read arbitrary files on the file system. Attackers with root, namespace, or database level privileges can point analyzers to arbitrary file paths and...

2.3CVSS
Exploits0References2
EUVD
EUVD
added yesterday7 views

EUVD-2025-210485

SurrealDB versions before 2.2.2 contain a local file read vulnerability in the DEFINE ANALYZER statement that allows authenticated users to read arbitrary files on the file system. Attackers with root, namespace, or database level privileges can point analyzers to arbitrary file paths and...

2.3CVSS5.4AI score
Exploits0References2
CVE
CVE
added yesterday11 views

CVE-2025-71394

SurrealDB versions before 2.2.2 have a local file read vulnerability in the DEFINE ANALYZER that allows authenticated users with root, namespace, or database privileges to point analyzers to arbitrary file paths and exfiltrate content from two-column tab-separated files; remediation is to upgrade...

2.3CVSS5.4AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday6 views

CVE-2025-71394

SurrealDB versions before 2.2.2 contain a local file read vulnerability in the DEFINE ANALYZER statement that allows authenticated users to read arbitrary files on the file system. Attackers with root, namespace, or database level privileges can point analyzers to arbitrary file paths and...

2.3CVSS5.4AI score
Exploits0References3
Cvelist
Cvelist
added yesterday27 views

CVE-2025-71394 SurrealDB before 2.2.2 Local File Read via DEFINE ANALYZER

SurrealDB versions before 2.2.2 contain a local file read vulnerability in the DEFINE ANALYZER statement that allows authenticated users to read arbitrary files on the file system. Attackers with root, namespace, or database level privileges can point analyzers to arbitrary file paths and...

2.3CVSS
Exploits0References2
Rows per page
Query Builder