Description

Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack buffer is used to prepare the data. Prior to versions 8.0.3 and 7.0.14, if the data in the dataset is too large, this can result in a stack overflow. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not use rules with datasets `save` nor `state` options.

INFO

Published Date :

2026-01-27T18:18:52.922Z

Last Modified :

2026-01-27T19:30:42.782Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-22262 vulnerability.

Vendors Products
Oisf
  • Suricata
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-22262.

URL Resource
https://github.com/OISF/suricata/commit/0eff24213763c2aa2bb0957901d5dc1e18414dbf cve-icon cve-icon cve-icon
https://github.com/OISF/suricata/commit/27a2180bceaa3477419c78c54fce364398d011f1 cve-icon cve-icon cve-icon
https://github.com/OISF/suricata/commit/32609e6896f9079c175665a94005417cec7637eb cve-icon cve-icon cve-icon
https://github.com/OISF/suricata/commit/32a1b9ae6aa80a60c073897e38a2ac6ea0f64521 cve-icon cve-icon cve-icon
https://github.com/OISF/suricata/commit/d6bc718e303ecbec5999066b8bc88eeeca743658 cve-icon cve-icon cve-icon
https://github.com/OISF/suricata/commit/d767dfadcd166f82683757818b9e46943326ac90 cve-icon cve-icon cve-icon
https://github.com/OISF/suricata/security/advisories/GHSA-9qg5-2gwh-xp86 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-22262 cve-icon
https://redmine.openinfosecfoundation.org/issues/8110 cve-icon cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-22262 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact