High severity7.5NVD Advisory· Published Apr 2, 2026· Updated Apr 7, 2026

CVE-2026-31935

Description

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, flooding of craft HTTP2 continuation frames can lead to memory exhaustion, usually resulting in the Suricata process being shut down by the operating system. This issue has been patched in versions 7.0.15 and 8.0.4.

Affected products

Oisf/Suricata
cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*
Range: <7.0.15

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/OISF/suricata/security/advisories/GHSA-vxrp-5pg7-7v4xnvdVendor Advisory
redmine.openinfosecfoundation.org/issues/8289nvdIssue TrackingPermissions Required

News mentions

CVE-2025-68670: discovering an RCE vulnerability in xrdp
Securelist · May 8, 2026
What researchers learned about building an LLM security workflow
Help Net Security · May 4, 2026

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000