CVE-2026-31937Inefficient Algorithmic Complexity in Suricata

CWE-407Inefficient Algorithmic ComplexityCWE-770Allocation of Resources Without Limits or Throttling19 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 83.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oisf Suricata
Timeline
PublishedApr 2
Latest updateApr 3

Description

Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a performance degradation. This issue has been patched in version 7.0.15.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

CVEListV5oisf/suricata< 7.0.15
NVDoisf/suricata< 7.0.15
Debianoisf/suricata< 1:8.0.1-1

🔴Vulnerability Details

3
OSV
CVE-2026-31937: (Suricata is a network IDS, IPS and NSM engine2026-04-03
OSV
CVE-2026-31937: Suricata is a network IDS, IPS and NSM engine2026-04-02
CVEList
Suricata dcerpc: quadratic complexity in dcerpc buffering2026-04-02

📋Vendor Advisories

2
Red Hat
Suricata: Suricata: Denial of Service via DCERPC buffering inefficiency2026-04-02
Debian
CVE-2026-31937: suricata - Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, ineffici...2026

🕵️Threat Intelligence

13
Wiz
CVE-2026-22262 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2026-22264 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2026-31937 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2026-31935 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2026-31932 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-31937 — Inefficient Algorithmic Complexity | cvebase