Known Vulnerabilities for Suricata by Suricata-ids
Listed below are 10 of the newest known vulnerabilities associated with "Suricata" by "Suricata-ids".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59674 json | A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to es... | Not Provided | 2026-07-14 | 2026-07-15 |
| CVE-2025-34178 json | In pfSense CE /suricata/suricata_app_parsers.php, the value of the policy_name parameter is not sanitized of HTML-related st... | Not Provided | 2025-09-09 | 2026-07-14 |
| CVE-2025-34177 json | In pfSense CE /suricata/suricata_flow_stream.php, the value of the policy_name parameter is not sanitized of HTML-related st... | Not Provided | 2025-09-09 | 2026-07-14 |
| CVE-2025-34176 json | In pfSense CE /suricata/suricata_ip_reputation.php, the value of the iplist parameter is not sanitized of directory traversa... | Not Provided | 2025-09-09 | 2026-07-14 |
| CVE-2025-34175 json | In pfSense CE /usr/local/www/suricata/suricata_filecheck.php, the value of the filehash parameter is directly displayed with... | Not Provided | 2025-09-09 | 2026-07-14 |
| CVE-2019-18792 json | An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segmen... | 9.1 - CRITICAL | 2020-01-06 | 2021-07-21 |
| CVE-2019-18625 json | An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP ses... | 7.5 - HIGH | 2020-01-06 | 2023-02-01 |
| CVE-2019-17420 json | In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_he... | 5.3 - MEDIUM | 2019-10-10 | 2021-07-21 |
| CVE-2019-16411 json | An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4O... | 9.8 - CRITICAL | 2019-09-24 | 2019-10-02 |
| CVE-2019-16410 json | An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in def... | 9.1 - CRITICAL | 2019-09-24 | 2019-10-18 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Suricata-ids | Suricata | 5.1.0 | |||
| Application | Suricata-ids | Suricata | 5.0.0 | |||
| Application | Suricata-ids | Suricata | 5.0.0 | |||
| Application | Suricata-ids | Suricata | 5.0.0 | |||
| Application | Suricata-ids | Suricata | 4.1.6 | |||
| Application | Suricata-ids | Suricata | 4.1.5 | |||
| Application | Suricata-ids | Suricata | 4.1.0 | |||
| Application | Suricata-ids | Suricata | 4.1.0 | |||
| Application | Suricata-ids | Suricata | 4.0.4 | |||
| Application | Suricata-ids | Suricata | 4.0.3 | |||
| Application | Suricata-ids | Suricata | 4.0.2 | |||
| Application | Suricata-ids | Suricata | 4.0.1 | |||
| Application | Suricata-ids | Suricata | 4.0.0 | |||
| Application | Suricata-ids | Suricata | 4.0.0 | |||
| Application | Suricata-ids | Suricata | 4.0.0 | |||
| Application | Suricata-ids | Suricata | 4.0.0 | |||
| Application | Suricata-ids | Suricata | 4.0.0 | |||
| Application | Suricata-ids | Suricata | 4.0.0 | |||
| Application | Suricata-ids | Suricata | 3.2.5 | |||
| Application | Suricata-ids | Suricata | 3.2.4 |