CVE-2026-22263: Excessive Platform Resource Consumption within a Loop in Suricata

Severity
5.3 MEDIUM (NVD)
EPSS
0.0%
top 94.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published Jan 27

Description

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 3.9 | Impact: 1.4

Affected Packages (3 packages)

NVD | oisf/suricata | 8.0.0 | 8.0.3
Debian | oisf/suricata | < 1:8.0.3-1
CVEListV5 | oisf/suricata | >= 8.0.0, < 8.0.3

Patches

🔴 Vulnerability Details

2
OSV
CVE-2026-22263: Suricata is a network IDS, IPS and NSM engine (2026-01-27)
CVEList
Suricata http1: quadratic complexity in headers parsing over multiple packets (2026-01-27)

📋 Vendor Advisories

2
Red Hat
suricata: Suricata: Denial of Service via inefficient HTTP/1 header parsing (2026-01-27)
Debian
CVE-2026-22263: suricata - Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and pri... (2026)

🕵️ Threat Intelligence

1
Wiz
CVE-2026-22263 Impact, Exploitability, and Mitigation Steps | Wiz