Back

Multiple Vulnerabilities in Wireshark Allow Denial of Service and Code Execution

Severity: High (Score: 70.5)

Sources: nvd.nist.gov

Summary

Two critical vulnerabilities have been identified in Wireshark versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14. CVE-2026-5405 involves a crash in the RDP protocol dissector, while CVE-2026-5656 pertains to a profile import path traversal issue. Both vulnerabilities allow for denial of service and potential code execution, affecting users of these Wireshark versions. The vulnerabilities were published on April 30, 2026, and are currently being monitored for active exploitation. Users are advised to check for updates and apply patches as necessary to mitigate risks. The NVD has enriched the CVE records, but further CPE information may be required. Key Points: • CVE-2026-5405 and CVE-2026-5656 affect Wireshark versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14. • Both vulnerabilities allow for denial of service and possible code execution. • Users are urged to apply patches to mitigate the risks associated with these vulnerabilities.

Key Entities

  • Code Execution (attack_type)
  • DDoS (attack_type)
  • Denial of Service (attack_type)
  • CVE-2026-5405 (cve)
  • CVE-2026-5656 (cve)
  • CWE-22 - Path Traversal (cwe)
  • Wireshark (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed