PT-2026-4985 · Open Information Security Foundation · Suricata

Victor Julien +1 · Published 2026-01-01 · Updated 2026-01-27 · CVE-2026-22260

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Suricata versions 8.0.0 through 8.0.2

Description

Suricata, a network IDS, IPS and NSM engine, is susceptible to a stack overflow that can cause the software to crash. This issue affects versions starting from 8.0.0 and prior to 8.0.3. As a temporary measure, utilizing default values for the request-body-limit and response-body-limit parameters can mitigate the issue.

Recommendations

Update to Suricata version 8.0.3 or later. As a temporary workaround, use default values for the request-body-limit and response-body-limit parameters.

Exploit · Fix · Uncontrolled Recursion · Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2026-00952
CVE-2026-22260
GHSA-3GM8-84CM-5X22
OPENSUSE-SU-2026:10082-1

Affected Products

Suricata