Security Advisory

CVE-2026-22261

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-27 18:10:27

Last updated 2026-01-27 18:24:24

Assigner GitHub_M

State PUBLISHED

Description

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve configuration. The setting is disabled by default.

← Browse all CVEs View on cve.org ↗