Oisf Oisf

  1. Vendors
  2. Oisf

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Oisf product.

RSS Feeds for Oisf security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Oisf products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Oisf Sorted by Most Security Vulnerabilities since 2018

Oisf Suricata64 vulnerabilities

Oisf Libhtp6 vulnerabilities

Oisf Suricata Update1 vulnerability

By the Year

In 2026 there have been 13 vulnerabilities in Oisf with an average score of 6.9 out of ten. Last year, in 2025 Oisf had 22 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Oisf in 2026 could surpass last years number. Last year, the average CVE base score was greater by 0.05




Year Vulnerabilities Average Score
2026 13 6.91
2025 22 6.96
2024 20 7.06
2023 3 8.27
2022 0 0.00
2021 3 8.27
2020 1 0.00
2019 7 7.50
2018 1 7.80

It may take a day or so for new Oisf vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Oisf Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-31937 Apr 02, 2026
Suricata 7.0.15: DCERPC Buffering inefficiency causes perf degradation Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a performance degradation. This issue has been patched in version 7.0.15.
Suricata
CVE-2026-31935 Apr 02, 2026
Suricata 7.0.15/8.0.4 Patch: HTTP2 cont. frame flood mem exhaustion Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, flooding of craft HTTP2 continuation frames can lead to memory exhaustion, usually resulting in the Suricata process being shut down by the operating system. This issue has been patched in versions 7.0.15 and 8.0.4.
Suricata
CVE-2026-31934 Apr 02, 2026
Suricata 8.0.08.0.3 MimeURL Quadratic Complexity Perf Impact Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, there is a quadratic complexity issue when searching for URLs in mime encoded messages over SMTP leading to a performance impact. This issue has been patched in version 8.0.4.
Suricata
CVE-2026-31933 Apr 02, 2026
Suricata DOS due to crafted traffic before 7.0.15 & 8.0.4 Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4.
Suricata
CVE-2026-31932 Apr 02, 2026
Suricata KRB5 Buffer inefficiency degrades performance before 7.0.15/8.0.4 Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffering can lead to performance degradation. This issue has been patched in versions 7.0.15 and 8.0.4.
Suricata
CVE-2026-31931 Apr 02, 2026
Suricata 8.0.08.0.3 Null Deref via tls.alpn Rule Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, use of the "tls.alpn" rule keyword can cause Suricata to crash with a NULL dereference. This issue has been patched in version 8.0.4.
Suricata
CVE-2026-22264 Jan 27, 2026
Suricata 8.0.2 / 7.0.13: Unsigned Int Overflow Heap UAF in Alert Gen Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead to a heap use-after-free condition when generating excessive amounts of alerts for a single packet. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not run untrusted rulesets or run with less than 65536 signatures that can match on the same packet.
Suricata
CVE-2026-22263 Jan 27, 2026
Suricata 8.0.x HTTP1 Header Parsing Slowdown (DOS) Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.
Suricata
CVE-2026-22262 Jan 27, 2026
Suricata stack buffer overflow on dataset save (8.0.3,7.0.14) Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack buffer is used to prepare the data. Prior to versions 8.0.3 and 7.0.14, if the data in the dataset is too large, this can result in a stack overflow. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not use rules with datasets `save` nor `state` options.
Suricata
CVE-2026-22261 Jan 27, 2026
Suricata XFF Slowdown (before 8.0.3/7.0.14) Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve configuration. The setting is disabled by default.
Suricata
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.