CVE-2026-22263 — MEDIUM (5.3)

Q: How severe is CVE-2026-22263?

CVE-2026-22263 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-22263?

Check the references section above for vendor advisories and patch information. Affected products include: Oisf Suricata.

Vulnerability Description

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Oisf	Suricata	>= 8.0.0, < 8.0.3

Related Weaknesses (CWE)

CWE-1050

References

https://github.com/OISF/suricata/commit/018a377f74e3eb2b042c6f783ad9043060923428Patch
https://github.com/OISF/suricata/security/advisories/GHSA-rwc5-hxj6-hwx7Vendor Advisory
https://redmine.openinfosecfoundation.org/issues/8201Permissions Required

FAQ

What is CVE-2026-22263?

CVE-2026-22263 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 pat...

How severe is CVE-2026-22263?

CVE-2026-22263 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-22263?

Check the references section above for vendor advisories and patch information. Affected products include: Oisf Suricata.