Denial of Service Vulnerability in Wireshark by The Wireshark Foundation
CVE-2026-7375

5.5MEDIUM

Key Information:

Vendor: Wireshark
Status: Wireshark
Vendor: CVE Published:; 30 April 2026

What is CVE-2026-7375?

An infinite loop vulnerability exists in the UDS protocol dissector in specific versions of Wireshark. This flaw can lead to a denial of service condition, causing the application to hang indefinitely when processing certain inputs. Users operating Wireshark versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 may experience interruptions in service, ultimately impacting network analysis capabilities. It's crucial for users to update to a patched version to mitigate the risk associated with this vulnerability.

Affected Version(s)

Wireshark 4.6.0 < 4.6.5

Wireshark 4.4.0 < 4.4.15

References

https://www.wireshark.org/security/wnpa-sec-2026-50.html

https://gitlab.com/wireshark/wireshark/-/work_items/21225

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2026
Vulnerability Reserved
Apr 29, 2026

Credit

Jaime Cavero

CVE-2026-7375 Data

JSON