Unrated severityOSV Advisory· Published Jan 27, 2026· Updated Jan 27, 2026
Suricata http1: infinite recursion in decompression
CVE-2026-22260
Description
Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, Suricata can crash with a stack overflow. Version 8.0.3 patches the issue. As a workaround, use default values for request-body-limit and response-body-limit.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
3- github.com/OISF/suricata/commit/0dddac7278c8b9cf3c1e4c1c71e620a78ec1c185mitrex_refsource_MISC
- github.com/OISF/suricata/security/advisories/GHSA-3gm8-84cm-5x22mitrex_refsource_CONFIRM
- redmine.openinfosecfoundation.org/issues/8185mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.