Denial of Service Vulnerability in Wireshark by The Wireshark Project
CVE-2026-6532

5.5MEDIUM

Key Information:

Vendor

Wireshark
Status
Wireshark
Vendor
CVE Published:
30 April 2026

What is CVE-2026-6532?

A vulnerability in Wireshark allows an attacker to exploit the Kismet protocol dissector, leading to crashes and potential denial of service. This impacts multiple versions, specifically Wireshark 4.6.0 through 4.6.4 and 4.4.0 through 4.4.14. Users of affected versions may experience server outages or application instability due to this flaw. It is essential for users and administrators to update to secure versions to mitigate these risks.

Affected Version(s)

Wireshark 4.6.0 < 4.6.5

Wireshark 4.4.0 < 4.4.15

References

https://www.wireshark.org/security/wnpa-sec-2026-29.html
https://gitlab.com/wireshark/wireshark/-/issues/21129
issue-trackingpermissions-required
https://gitlab.com/wireshark/wireshark/-/issues/21128
issue-trackingpermissions-required

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Sharon Brizinov
.