Denial of Service Vulnerability in Wireshark Product by Wireshark
CVE-2026-0961

5.5MEDIUM

Key Information:

Vendor: Wireshark
Status: Wireshark
Vendor: CVE Published:; 14 January 2026

What is CVE-2026-0961?

A Denial of Service vulnerability exists in the Wireshark product due to a crash caused by the BLF file parser. This affects versions 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12, making it possible for an attacker to cause the application to become unresponsive by leveraging specially crafted BLF files.

Affected Version(s)

Wireshark 4.6.0 < 4.6.3

Wireshark 4.4.0 < 4.4.13

References

https://www.wireshark.org/security/wnpa-sec-2026-01.html

https://gitlab.com/wireshark/wireshark/-/issues/20880

issue-trackingpermissions-required

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 14, 2026
Vulnerability Reserved
Jan 14, 2026

CVE-2026-0961 Data

JSON