Denial of Service Vulnerability in Wireshark by The Wireshark Team
CVE-2025-13674

5.5MEDIUM

Key Information:

Vendor: Wireshark
Status: Wireshark
Vendor: CVE Published:; 26 November 2025

What is CVE-2025-13674?

A vulnerability exists in Wireshark 4.6.0 that affects the BPv7 dissector, leading to a potential denial of service. An attacker can exploit this flaw to cause the application to crash, disrupting network analysis activities. Users are advised to update to the latest version of Wireshark to mitigate risks associated with this vulnerability.

Affected Version(s)

Wireshark 4.6.0

References

https://www.wireshark.org/security/wnpa-sec-2025-05.html

https://gitlab.com/wireshark/wireshark/-/issues/20770

issue-trackingpermissions-required

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 26, 2025
Vulnerability Reserved
Nov 25, 2025

JSON