CVE-2026-22259

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Suricata versions prior to 8.0.3 Suricata versions prior to 7.0.14

Description Specially crafted network traffic can cause Suricata to consume excessive memory when parsing DNP3 traffic. This can lead to performance degradation and potential process termination due to out-of-memory (OOM) conditions. The issue affects Suricata when processing DNP3 traffic. As a temporary measure, disabling the DNP3 parser in the Suricata configuration file can mitigate the problem.

Recommendations Update to Suricata version 8.0.3 or later. Update to Suricata version 7.0.14 or later. As a temporary workaround, disable the DNP3 parser in the Suricata configuration file.

Exploit

Fix

Allocation of Resources Without Limits

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-400

Related Identifiers

BDU:2026-00953

CVE-2026-22259

GHSA-878H-2X6V-84Q9

OPENSUSE-SU-2026:10082-1

Affected Products

Suricata

CVE-2026-22259

Weakness Enumeration

Related Identifiers

Affected Products

References · 35