CVE-2026-31932

{"id": "CVE-2026-31932", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-04-02T14:16:28.763", "references": [{"url": "https://github.com/OISF/suricata/security/advisories/GHSA-rp9m-jcpw-hggr", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://redmine.openinfosecfoundation.org/issues/8305", "tags": ["Issue Tracking", "Permissions Required"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-407"}]}], "descriptions": [{"lang": "en", "value": "Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffering can lead to performance degradation. This issue has been patched in versions 7.0.15 and 8.0.4."}], "lastModified": "2026-04-07T18:29:05.083", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E0D4CF4-11E0-4FB1-9C17-F38257D376ED", "versionEndExcluding": "7.0.15"}, {"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F35C5A48-CA30-43B3-9E53-D3E51C862604", "versionEndExcluding": "8.0.4", "versionStartIncluding": "8.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}