CVE-2026-22264

CVSS v3.1

9.4

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions Suricata versions prior to 8.0.3 Suricata versions prior to 7.0.14

Description Suricata is a network IDS, IPS and NSM engine. An unsigned integer overflow can lead to a heap use-after-free condition when generating a large number of alerts for a single packet. To mitigate the issue, avoid running untrusted rulesets or running Suricata with less than 65536 signatures that can match on the same packet.

Recommendations Update to Suricata version 8.0.3 or later. Update to Suricata version 7.0.14 or later. Avoid running untrusted rulesets. Run Suricata with at least 65536 signatures that can match on the same packet.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2026-01034

CVE-2026-22264

GHSA-MQR8-M3M4-2HW5

OPENSUSE-SU-2026:10082-1

Affected Products

Suricata

CVE-2026-22264

Weakness Enumeration

Related Identifiers

Affected Products

References · 31