CVE-2026-31932

HIGH

Suricata krb5: quadratic complexity in krb5 buffering

Title source: cna

Description

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffering can lead to performance degradation. This issue has been patched in versions 7.0.15 and 8.0.4.

References (2)

[X_Refsource_Confirm] https://github.com/OISF/suricata/security/advisories/GHSA-rp9m-jcpw-hggr

[X_Refsource_Misc] https://redmine.openinfosecfoundation.org/issues/8305

Scores

CVSS v3 7.5

EPSS 0.0005

EPSS Percentile 15.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-407

Status published

Products (3)

oisf/suricata < 7.0.15

OISF/suricata < 7.0.15

OISF/suricata >= 8.0.0, < 8.0.4

Published Apr 02, 2026

Tracked Since Apr 02, 2026