{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-31932","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2026-03-10T15:10:10.654Z","datePublished":"2026-04-02T14:02:40.205Z","dateUpdated":"2026-04-02T18:33:25.016Z"},"containers":{"cna":{"title":"Suricata krb5: quadratic complexity in krb5 buffering","problemTypes":[{"descriptions":[{"cweId":"CWE-407","lang":"en","description":"CWE-407: Inefficient Algorithmic Complexity","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"references":[{"name":"https://github.com/OISF/suricata/security/advisories/GHSA-rp9m-jcpw-hggr","tags":["x_refsource_CONFIRM"],"url":"https://github.com/OISF/suricata/security/advisories/GHSA-rp9m-jcpw-hggr"},{"name":"https://redmine.openinfosecfoundation.org/issues/8305","tags":["x_refsource_MISC"],"url":"https://redmine.openinfosecfoundation.org/issues/8305"}],"affected":[{"vendor":"OISF","product":"suricata","versions":[{"version":"< 7.0.15","status":"affected"},{"version":">= 8.0.0, < 8.0.4","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2026-04-02T14:02:40.205Z"},"descriptions":[{"lang":"en","value":"Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffering can lead to performance degradation. This issue has been patched in versions 7.0.15 and 8.0.4."}],"source":{"advisory":"GHSA-rp9m-jcpw-hggr","discovery":"UNKNOWN"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-04-02T18:33:08.564205Z","id":"CVE-2026-31932","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-04-02T18:33:25.016Z"}}]}}