Suricata 8.0.6 and 7.0.17 released!

We are pleased to announce the releases of Suricata 8.0.6 and 7.0.17.

These are security releases, fixing a number of important issues. This is another release that reflects a change in vulnerability reporting volume as a result of the rise of AI(-assisted) analysis, resulting in a higher-than-usual number of issues.

Get the releases here:

:small_orange_diamond:8.0.6: https://www.openinfosecfoundation.org/download/suricata-8.0.6.tar.gz

:small_orange_diamond:7.0.17: https://www.openinfosecfoundation.org/download/suricata-7.0.17.tar.gz

Notable Changes

Suricata 7 has reached EOL. This means that the latest Suricata 7.0.17 will be the last one in this series. Please upgrade your setups to the latest supported version in the Suricata 8 branch.

Various security, performance, accuracy, and stability issues have been fixed.

8.0.6 tickets: https://redmine.openinfosecfoundation.org/versions/234
7.0.17 tickets: https://redmine.openinfosecfoundation.org/versions/232

Suricata-update has been updated to 1.3.8. This release includes a security fix.
LibHTP version remains the same from the previous release.

CVE IDs Addressed:

CVE Severity (OISF) Severity (CVSS 3.1) Affected Version(s) Ticket(s)
Pending HIGH HIGH 8.0.x 8726
Pending HIGH HIGH 8.0.x 8695
Pending LOW LOW 8.0.x 8660
Pending LOW LOW 8.0.x 8657
CVE-2026-57227 HIGH HIGH 8.0.x and 7.0.x 8653, 8672
CVE-2026-57229 MODERATE MODERATE 8.0.x 8650
Pending HIGH HIGH 8.0.x 8637
Pending MODERATE MODERATE 8.0.x and 7.0.x 8636, 8689
CVE-2026-57224 MODERATE MODERATE 8.0.x 8622
Pending HIGH HIGH 8.0.x 8607
Pending LOW LOW 8.0.x 8591
Pending MODERATE MODERATE 8.0.x and 7.0.x 8570, 8571
CVE-2026-57222 MODERATE MODERATE 8.0.x and 7.0.x 8568, 8569
CVE-2026-57228 HIGH HIGH 7.0.x 8608

Severity scores defined by OISF and CVSS may vary due to how we assess and evaluate impact. While CVSS has a more generic view on vulnerabilities and will penalize any network-related issues, for instance, OISF considers Suricata context as the baseline (thus, as example, affecting the network isn’t taken into account).

Suricata Security Policies: https://github.com/OISF/suricata/security/policy
Suricata Security Advisories: https://github.com/OISF/suricata/security/advisories

Security Issues

Note that we have refined our severities sometime back. CRITICAL severity is reserved for issues affecting Tier 1 features enabled by default, involving remotely triggerable traffic-based code execution. HIGH severity also covers Tier 1 features enabled by default, where there’s possible loss of visibility or availability.

If you think you’ve encountered a security vulnerability, please see how to report a security issue.

OISF Signing key updated

The OISF signing key has been recently updated to have a later expiration date. It is the same key as before, but users will need to refresh it:

gpg --receive-keys 2BA9C98CCDF1E93A

It can also be downloaded from:
https://www.openinfosecfoundation.org/downloads/OISF.pub

Using Signing Keys: https://docs.suricata.io/en/suricata-8.0.6/verifying-source-files.html

Special Thanks

Adam Kiripolsky, Andreas Dolp, Changcheng Wu of Clouditera, Chris Ramos, Corelight, Pim Sanders, Samaresh Kumar Singh, Shane Dugan, Trail of Bits in collaboration with Anthropic, Yash Datre, Yazdan Soltani, OSS-Fuzz, Coverity.

For contributing patches, reporting bugs or otherwise helping keep Suricata code secure.

News from SuriCon

The Call for Talks for SuriCon Lisbon 2026 is officially closed!
We are finalizing the last bits of the schedule, bringing together pre-SuriCon trainings and a strong lineup of talks packed with fresh ideas, practical insights, and the community spirit that makes SuriCon special.

For SuriCon archives, registration and more, go to: suricon.net

About Suricata

Suricata is a high-performance Network Threat Detection, IDS, IPS, and Network Security Monitoring engine. Open-source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by OISF, its supporting vendors, and the community.

Newsletter

Stay up-to-date with the latest events, webinars and happenings in our community: sign up for Suricata’s quarterly newsletter: https://newsletter.suricata.io/