CVE-2026-49997
CVE-2026-49997 affects SurrealDB prior to version 3.1.0, where Document::purge_edges could bypass edge table permissions for delete and select when a connected node was deleted. The issue occurs as edge records connected to a deleted node were removed with permissions disabled, bypassing edge-tab...