CVE-2026-22260

Unknown Unknown - Not Provided

BaseFortify

Publication date: 2026-01-27

Last updated on: 2026-01-29

Assigner: GitHub, Inc.

Description

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, Suricata can crash with a stack overflow. Version 8.0.3 patches the issue. As a workaround, use default values for `request-body-limit` and `response-body-limit`.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-01-27

Last Modified

2026-01-29

Generated

2026-05-07

EPSS Evaluated

2026-05-05

NVD

CVE-2026-22260

EUVD

EUVD-2026-4793

Affected Vendors & Products

Vendor	Product	Version / Range
oisf	suricata	From 8.0.0 (inc) to 8.0.3 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-674	The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
CWE-787	The product writes data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2026-22260

BaseFortify

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

Ask Our AI Assistant

EPSS Chart