Known Vulnerabilities for Suricata by OISF
Listed below are 6 of the newest known vulnerabilities associated with "Suricata" by "OISF".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-31937 | Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a perfor... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-31935 | Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, flooding of craft HTTP2 continuation frame... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-31934 | Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, there is a quadratic complexity is... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-31933 | Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Surica... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-31932 | Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffering can lead to... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-31931 | Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, use of the "tls.alpn" rule keyword... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2021-37592 | Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certai... | 9.8 - CRITICAL | 2021-11-19 | 2021-11-23 |
| CVE-2021-35063 | Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion." | 7.5 - HIGH | 2021-07-22 | 2023-11-07 |
| CVE-2020-19678 | Directory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense Suricata v.1.4.6 pkg v.1.0.1 allows a remote attacker ... | 7.5 - HIGH | 2023-04-06 | 2023-04-18 |
| CVE-2019-1010279 | Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection b... | 7.5 - HIGH | 2019-07-18 | 2019-08-01 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oisf | Suricata | 5.0.0 | beta1 | All | All |
| Application | Oisf | Suricata | 4.1.4 | All | All | All |
| Application | Oisf | Suricata | 4.1.3 | All | All | All |
| Application | Oisf | Suricata | 4.1.2 | All | All | All |
| Application | Oisf | Suricata | 4.1.1 | All | All | All |
| Application | Oisf | Suricata | 4.1.0 | All | All | All |
| Application | Oisf | Suricata | 4.1.0 | beta1 | All | All |
| Application | Oisf | Suricata | 4.1.0 | rc1 | All | All |
| Application | Oisf | Suricata | 4.1.0 | rc2 | All | All |
| Application | Oisf | Suricata | 4.0.7 | All | All | All |
| Application | Oisf | Suricata | 4.0.6 | All | All | All |
| Application | Oisf | Suricata | 4.0.5 | All | All | All |
| Application | Oisf | Suricata | 4.0.4 | All | All | All |
| Application | Oisf | Suricata | 4.0.3 | All | All | All |
| Application | Oisf | Suricata | 4.0.2 | All | All | All |
| Application | Oisf | Suricata | 4.0.1 | All | All | All |
| Application | Oisf | Suricata | 4.0.0 | - | All | All |
| Application | Oisf | Suricata | 4.0.0 | beta1 | All | All |
| Application | Oisf | Suricata | 4.0.0 | rc1 | All | All |
| Application | Oisf | Suricata | 4.0.0 | rc2 | All | All |