CVEs affecting projects tracked on Release Alert, from NVD & OSV.
Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion."