CVE-2026-22259

7.5 HIGH
Published: January 27, 2026 Modified: January 30, 2026
View on NVD

Description

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting killed by the OOM killer. Versions 8.0.3 or 7.0.14 contain a patch. As a workaround, disable the DNP3 parser in the suricata yaml (disabled by default).

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/OISF/suricata/commit/50cac2e2465ca211eabfa156623e585e9037bb7e
Source: security-advisories@github.com
Patch
https://github.com/OISF/suricata/commit/63225d5f8ef64cc65164c0bb1800730842d54942
Source: security-advisories@github.com
Patch
https://github.com/OISF/suricata/security/advisories/GHSA-878h-2x6v-84q9
Source: security-advisories@github.com
Patch Vendor Advisory
https://redmine.openinfosecfoundation.org/issues/8181
Source: security-advisories@github.com
Issue Tracking Permissions Required

4 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.5 / 10.0
EPSS (Exploit Probability)
0.1%
24th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-400 CWE-770

Affected Vendors

oisf

Related CVEs

CVE-2026-4558 8.8
CVE-2026-4557 4.3
CVE-2026-4555 8.8
CVE-2026-4554 6.3
CVE-2026-33319 5.9