Stack Overflow Vulnerability in Suricata Network IDS and IPS
CVE-2026-22262

5.9MEDIUM

Key Information:

Vendor

Oisf

Status
Suricata
Vendor
CVE Published:
27 January 2026

What is CVE-2026-22262?

Suricata, a powerful network IDS and IPS engine, has a vulnerability that arises during data set handling. When saving datasets, if the provided data exceeds a certain size, it can cause a stack overflow. This flaw affects versions before 8.0.3 and 7.0.14. Users are advised to avoid utilizing rules that involve the ‘save’ or ‘state’ options with datasets as a temporary measure until they can upgrade to patched versions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

suricata < 7.0.14 < 7.0.14

suricata >= 8.0.0, < 8.0.3 < 8.0.0, 8.0.3

References

https://github.com/OISF/suricata/security/advisories/GHSA...
x_refsource_CONFIRM
https://github.com/OISF/suricata/commit/0eff24213763c2aa2...
x_refsource_MISC
https://github.com/OISF/suricata/commit/27a2180bceaa34774...
x_refsource_MISC

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.