Vulners
Lucene search
Suricata < 7.0.16 Denial of Service Vulnerability
| Reporter | Title | Published | Views | Family All 2 |
|---|---|---|---|---|
 | CVE-2026-45747 | 20 May 202614:15 | – | circl |
 | CVE-2026-45747 | 20 May 202614:15 | – | cve |
| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(318837);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/06/05");
script_cve_id("CVE-2026-45747");
script_xref(name:"IAVB", value:"2026-B-0147");
script_name(english:"Suricata < 7.0.16 Denial of Service Vulnerability");
script_set_attribute(attribute:"synopsis", value:
"An IDS/IPS solution running on the remote host is affected by a denial of service vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of OISF Suricata installed on the remote host is prior to 7.0.16. It is, therefore, affected by a
vulnerability:
- The Lua TLS certificate information helper could dereference NULL certificate fields when a Lua script
requested certificate information for TLS traffic where some certificate fields were absent. Crafted TLS
traffic processed by a deployment using affected Lua TLS scripting could crash Suricata, resulting in
denial of service. (CVE-2026-45747)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://github.com/OISF/suricata/security/advisories/GHSA-vfc5-9844-rmhv
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2a411db0");
script_set_attribute(attribute:"solution", value:
"Upgrade Suricata to version 7.0.16 or higher.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-45747");
script_set_attribute(attribute:"vuln_publication_date", value:"2026/05/19");
script_set_attribute(attribute:"patch_publication_date", value:"2026/05/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/06/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oisf:suricata");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("oisf_suricata_win_installed.nbin", "oisf_suricata_nix_installed.nbin");
script_require_keys("installed_sw/Open Information Security Foundation Suricata");
exit(0);
}
include('vdf.inc');
# @tvdl-content
var vuln_data = {
'metadata': {'spec_version': '1.0'},
'requires': [ {'scope': 'target', 'match_one': {'os': ['linux', 'windows'] } } ],
'checks': [
{
'product': {'name': 'Open Information Security Foundation Suricata', 'type': 'app'},
'check_algorithm': 'default',
'constraints': [
{'fixed_version':'7.0.16'}
]
}
]
};
var result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:result);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
05 Jun 2026 00:00Current
5.5Medium risk
Vulners AI Score5.5