Information Disclosure Vulnerability in Wireshark by the Vendor Wireshark
CVE-2026-15168

2.5LOW

Key Information:

Vendor

Wireshark

Status
Vendor
CVE Published:
8 July 2026

What is CVE-2026-15168?

A vulnerability in the BLF file parser of Wireshark versions 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 could allow attackers to access sensitive information. This flaw may lead to unauthorized data exposure, posing a significant risk to users relying on this network protocol analyzer for analysis tasks. It's crucial for users to update their software to mitigate potential threats associated with this vulnerability.

Affected Version(s)

Wireshark 4.6.0 < 4.6.7

Wireshark 4.4.0 < 4.4.17

References

CVSS V3.1

Score:
2.5
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Thai Duong Tran
.