Description
Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, there is a quadratic complexity issue when searching for URLs in mime encoded messages over SMTP leading to a performance impact. This issue has been patched in version 8.0.4.
Published: 2026-04-02
Score: 7.5 High
EPSS: n/a
KEV: No
Impact: Performance Degradation and Potential Denial of Service
Action: Patch
AI Analysis

Impact

Suricata’s routine that extracts URLs from MIME‑encoded SMTP messages has quadratic‑time complexity. When a message contains a large number of URLs, the parser can consume excessive CPU cycles, which degrades overall performance. If an attacker repeatedly injects such traffic, the system can become overwhelmed, leading to a denial‑of‑service condition. This weakness corresponds to CWE‑407 (Inefficient Algorithmic Complexity).

Affected Systems

The flaw affects the Open Information Security Foundation’s Suricata network IDS/IPS, specifically versions from 8.0.0 up through 8.0.3. Versions 8.0.4 and later contain the necessary patch.

Risk and Exploitability

The CVSS score of 7.5 indicates high severity, and the vulnerability is not listed in CISA’s KEV catalog. The EPSS score is unavailable. The likely attack vector is a network‑based approach that requires an attacker to send crafted SMTP traffic to a susceptible Suricata deployment. Without remediation, the impact could be sustained CPU exhaustion and service disruption, but no direct information about exploitability conditions beyond network traffic is provided in the official description.

Generated by OpenCVE AI on April 2, 2026 at 15:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Suricata 8.0.4 patch or later update to eliminate the quadratic processing flaw

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 01:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1333
References
Metrics threat_severity

None

threat_severity

Important


Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Oisf
Oisf suricata
Vendors & Products Oisf
Oisf suricata

Thu, 02 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 02 Apr 2026 14:45:00 +0000

Type Values Removed Values Added
Description Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, there is a quadratic complexity issue when searching for URLs in mime encoded messages over SMTP leading to a performance impact. This issue has been patched in version 8.0.4.
Title Suricata smtp/mime: quadratic complexity in extracting urls
Weaknesses CWE-407
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-02T15:00:49.250Z

Reserved: 2026-03-10T15:10:10.654Z

Link: CVE-2026-31934

Vulnrichment

Updated: 2026-04-02T15:00:44.719Z

NVD

Status: Received

Published: 2026-04-02T15:16:37.440

Modified: 2026-04-02T15:16:37.440

Link: CVE-2026-31934

Redhat

Severity: Important

Public Date: 2026-04-02T14:21:08Z

Links: CVE-2026-31934 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-02T20:21:00Z

Weaknesses