CVE-2026-22263 | THREATINT

Description

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.

PUBLISHED Reserved 2026-01-07 | Published 2026-01-27 | Updated 2026-01-27 | Assigner GitHub_M

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-1050: Excessive Platform Resource Consumption within a Loop

Product status

>= 8.0.0, < 8.0.3

affected

References

github.com/...ricata/security/advisories/GHSA-rwc5-hxj6-hwx7

github.com/...ommit/018a377f74e3eb2b042c6f783ad9043060923428

redmine.openinfosecfoundation.org/issues/8201

cve.org (CVE-2026-22263)

nvd.nist.gov (CVE-2026-22263)

Download JSON