{"api_version":"1","generated_at":"2026-04-23T02:25:15+00:00","cve":"CVE-2026-31933","urls":{"html":"https://cve.report/CVE-2026-31933","api":"https://cve.report/api/cve/CVE-2026-31933.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-31933","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-31933"},"summary":{"title":"Suricata stream: quadratic complexity in stream inspection","description":"Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4.","state":"PUBLISHED","assigner":"GitHub_M","published_at":"2026-04-02 14:16:28","updated_at":"2026-04-07 18:30:03"},"problem_types":["CWE-407","CWE-407 CWE-407: Inefficient Algorithmic Complexity"],"metrics":[{"version":"3.1","source":"security-advisories@github.com","type":"Secondary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"references":[{"url":"https://redmine.openinfosecfoundation.org/issues/8272","name":"https://redmine.openinfosecfoundation.org/issues/8272","refsource":"security-advisories@github.com","tags":["Issue Tracking","Permissions Required"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/OISF/suricata/security/advisories/GHSA-hvp5-gpr6-j4gp","name":"https://github.com/OISF/suricata/security/advisories/GHSA-hvp5-gpr6-j4gp","refsource":"security-advisories@github.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-31933","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31933","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"OISF","product":"suricata","version":"affected < 7.0.15","platforms":[]},{"source":"CNA","vendor":"OISF","product":"suricata","version":"affected >= 8.0.0, < 8.0.4","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"31933","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oisf","cpe5":"suricata","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"31933","cve":"CVE-2026-31933","epss":"0.000400000","percentile":"0.120670000","score_date":"2026-04-07","updated_at":"2026-04-08 00:03:39"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-31933","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-04-03T16:00:34.285774Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-03T16:01:09.310Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"suricata","vendor":"OISF","versions":[{"status":"affected","version":"< 7.0.15"},{"status":"affected","version":">= 8.0.0, < 8.0.4"}]}],"descriptions":[{"lang":"en","value":"Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-407","description":"CWE-407: Inefficient Algorithmic Complexity","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-02T14:03:35.917Z","orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M"},"references":[{"name":"https://github.com/OISF/suricata/security/advisories/GHSA-hvp5-gpr6-j4gp","tags":["x_refsource_CONFIRM"],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-hvp5-gpr6-j4gp"},{"name":"https://redmine.openinfosecfoundation.org/issues/8272","tags":["x_refsource_MISC"],"url":"https://redmine.openinfosecfoundation.org/issues/8272"}],"source":{"advisory":"GHSA-hvp5-gpr6-j4gp","discovery":"UNKNOWN"},"title":"Suricata stream: quadratic complexity in stream inspection"}},"cveMetadata":{"assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","assignerShortName":"GitHub_M","cveId":"CVE-2026-31933","datePublished":"2026-04-02T14:03:35.917Z","dateReserved":"2026-03-10T15:10:10.654Z","dateUpdated":"2026-04-03T16:01:09.310Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-02 14:16:28","lastModifiedDate":"2026-04-07 18:30:03","problem_types":["CWE-407","CWE-407 CWE-407: Inefficient Algorithmic Complexity"],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0.15","matchCriteriaId":"1E0D4CF4-11E0-4FB1-9C17-F38257D376ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.4","matchCriteriaId":"F35C5A48-CA30-43B3-9E53-D3E51C862604"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"31933","Ordinal":"1","Title":"Suricata stream: quadratic complexity in stream inspection","CVE":"CVE-2026-31933","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"31933","Ordinal":"1","NoteData":"Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4.","Type":"Description","Title":"Suricata stream: quadratic complexity in stream inspection"}]}}}