Denial of Service Vulnerability in Wireshark by The Wireshark Foundation
CVE-2026-15173

4.7MEDIUM

Key Information:

Vendor

Wireshark

Status
Vendor
CVE Published:
8 July 2026

What is CVE-2026-15173?

A critical vulnerability exists in the pcapng file parser of Wireshark versions 4.6.0 to 4.6.6, which can be exploited to cause a denial of service. When processing malformed pcapng files, the software encounters a crash. This not only disrupts the functionality of the application but can also affect network analysis workflows. Users are advised to update to the latest version of Wireshark to mitigate the risks associated with this vulnerability.

Affected Version(s)

Wireshark 4.6.0 < 4.6.7

References

CVSS V3.1

Score:
4.7
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Mitchell Benjamin
.