CVE-2026-22261

Published January 27th, 2026

View on NVD ↗

CVSS v3

3.7

LOW

CVSS v2

N/A

Affected

PROJECT

Description

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve configuration. The setting is disabled by default.

OISF/suricata

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

GitHub

6.41K