EUVD-2026-4789

🗓️ 27 Jan 2026 17:13:11Reported by EUVDType

Suricata memory exhaustion from crafted DNP3 traffic fixed in versions 8.0.3 and 7.0.14; disable DNP3 parsing in config.

Reporter	Title	Published	Views	Family All 21
ATTACKERKB	CVE-2026-22259	27 Jan 202617:13	–	attackerkb
AlpineLinux	CVE-2026-22259	27 Jan 202617:13	–	alpinelinux
Circl	CVE-2026-22259	14 Jan 202617:13	–	circl
CNNVD	Suricata security vulnerabilities	27 Jan 202600:00	–	cnnvd
CVE	CVE-2026-22259	27 Jan 202617:13	–	cve
Cvelist	CVE-2026-22259 Suricata dnp3: unbounded transaction growth	27 Jan 202617:13	–	cvelist
Debian CVE	CVE-2026-22259	27 Jan 202617:13	–	debiancve
NVD	CVE-2026-22259	27 Jan 202617:16	–	nvd
OSV	CVE-2026-22259 Suricata dnp3: unbounded transaction growth	27 Jan 202617:13	–	osv
OSV	DEBIAN-CVE-2026-22259	27 Jan 202617:16	–	osv

[
  {
    "enisaIdVendor": [
      {
        "id": "6ec0bf42-30e7-347c-a52b-1bb8dc31e362",
        "vendor": {
          "name": "OISF"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "6c6d09c9-19b3-310d-bb10-5b3b08e22fdd",
        "product": {
          "name": "suricata"
        },
        "product_version": "8.0.0, < 8.0.3"
      },
      {
        "id": "98c8bade-489c-3446-a8ea-2256a1220ae7",
        "product": {
          "name": "suricata"
        },
        "product_version": "< 7.0.14"
      }
    ]
  }
]

Source	Link
github	www.github.com/OISF/suricata/security/advisories/GHSA-878h-2x6v-84q9
github	www.github.com/OISF/suricata/commit/50cac2e2465ca211eabfa156623e585e9037bb7e
github	www.github.com/OISF/suricata/commit/63225d5f8ef64cc65164c0bb1800730842d54942
redmine	www.redmine.openinfosecfoundation.org/issues/8181

27 Jan 2026 18:16Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.17.5

EPSS0.00114

SSVC