Skip to main content
CVE-2026-6531 MEDIUM PATCH This Month

Infinite loop in the SANE protocol dissector in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 causes denial of service when processing malformed SANE packets. A local attacker with user privileges can trigger the infinite loop by crafting a specially formatted SANE network capture or injecting malicious packets, causing Wireshark to hang and become unresponsive, denying analysts access to packet analysis.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6530 MEDIUM PATCH This Month

Heap buffer overflow in Wireshark's DCP-ETSI protocol dissector causes denial of service when processing malformed network packets in versions 4.6.0-4.6.4 and 4.4.0-4.4.14. A local user can trigger a crash by opening a crafted packet file or live network capture, rendering the packet analysis tool unresponsive. No remote exploitation or data exfiltration is possible; impact is limited to availability.

Denial Of Service Buffer Overflow Heap Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6529 MEDIUM PATCH This Month

Heap buffer overflow in the iLBC audio codec dissector in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 allows local attackers with user interaction to trigger a denial of service crash by supplying a malformed iLBC packet. The vulnerability requires user interaction to open a crafted packet capture file and does not enable code execution.

Denial Of Service Buffer Overflow Heap Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6527 MEDIUM PATCH This Month

Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 crash when processing malformed ASN.1 PER protocol packets, enabling local denial of service against users opening crafted capture files. The vulnerability requires user interaction (opening a file or receiving a live packet capture) but allows an attacker to hang or crash the application without authentication. No active exploitation has been confirmed in public sources.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6526 MEDIUM PATCH This Month

Denial of service in Wireshark 4.6.0 through 4.6.4 via null pointer dereference in the RTSP protocol dissector causes application crash when processing malformed RTSP traffic. Local attackers with network access to a Wireshark instance can trigger the crash by supplying a specially crafted RTSP packet, resulting in availability impact. No public exploit code or active in-the-wild exploitation has been identified; patch availability status requires verification from vendor.

Null Pointer Dereference Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6524 MEDIUM PATCH This Month

Denial of service via MySQL protocol dissector crash in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 allows local users with no privileges to crash the application through a crafted malicious pcap file or network capture, requiring only user interaction to open the file. The vulnerability stems from improper memory access in the MySQL dissector parser (CWE-824: Access of Uninitialized Pointer), resulting in application termination and loss of packet analysis capability. No public exploit code or active exploitation has been identified at time of analysis.

Memory Corruption Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6523 MEDIUM PATCH This Month

Infinite loop in the GNW protocol dissector in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 causes denial of service when processing malformed packets. Local attackers with user interaction can craft malicious GNW traffic or files to exhaust CPU resources and freeze the application, preventing legitimate packet analysis and potentially disrupting network troubleshooting workflows.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6520 MEDIUM PATCH This Month

Wireshark versions 4.6.0 through 4.6.4 and 4.4.0 through 4.4.14 are vulnerable to a denial of service attack via an infinite loop in the OpenFlow v6 protocol dissector, triggered when processing malformed OpenFlow traffic. A local attacker with user interaction can crash the Wireshark application by crafting a malicious packet capture file or live traffic stream, rendering packet analysis unavailable until the process is restarted. No authentication is required, and the CVSS score of 5.5 reflects local attack vector with high availability impact.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6519 MEDIUM PATCH This Month

Infinite loop in the MBIM protocol dissector of Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 causes denial of service when processing specially crafted MBIM packets. A local user with normal privileges can trigger the infinite loop via user interaction (opening a malicious packet capture file), causing the application to hang and become unresponsive. No code execution or data access is possible; impact is strictly availability.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6522 MEDIUM PATCH This Month

Infinite loop in the RPKI-Router protocol dissector in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 causes denial of service when processing malformed packets. Local attackers with user privileges can trigger the vulnerability through crafted network traffic or pcap files opened in Wireshark, rendering the application unresponsive. No authentication required; user interaction (opening a file or capturing packets) is necessary. No public exploit code or active exploitation in CISA KEV identified at time of analysis.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6870 MEDIUM PATCH This Month

Denial of service via crash in the GSM RP protocol dissector affects Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14. A local attacker with user privileges can trigger a dissector crash by crafting a malicious GSM RP packet and inducing a user to open it, causing application termination and loss of packet capture session. CVSS 5.5 reflects local attack vector and user interaction requirement; no remote exploitation path identified.

Memory Corruption Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6869 MEDIUM PATCH This Month

Wireshark versions 4.6.0-4.6.4 and 4.4.0-4.4.14 crash when processing malformed WebSocket protocol packets, enabling local denial of service. An attacker with the ability to trigger packet dissection-either by crafting a malicious PCAP file or intercepting traffic on a local network-can force the application to crash by supplying a WebSocket frame that triggers an unhandled error condition in the protocol dissector. The vulnerability requires user interaction (opening a file or navigating to a network interface) and operates at local scope, resulting in application unavailability rather than code execution.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6867 MEDIUM PATCH This Month

Wireshark SMB2 protocol dissector crashes when processing malformed packets, causing denial of service in versions 4.6.0-4.6.4 and 4.4.0-4.4.14. A local attacker with low privileges can trigger the crash by crafting a malicious SMB2 packet and inducing the user to open it in Wireshark, resulting in application termination and loss of packet capture capability. No public exploit code or active exploitation in the wild has been identified at the time of analysis.

Denial Of Service Red Hat Suse
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6868 MEDIUM PATCH This Month

Stack buffer overflow in Wireshark HTTP protocol dissector (versions 4.6.0-4.6.4 and 4.4.0-4.4.14) causes application crash when processing malformed HTTP packets, resulting in denial of service. Local attackers with ability to trigger packet analysis via user interaction can crash the application and disrupt network traffic inspection workflows.

Buffer Overflow Stack Overflow Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-7378 MEDIUM PATCH This Month

Denial of service in Wireshark sharkd versions 4.6.0-4.6.4 and 4.4.0-4.4.14 allows local attackers with user interaction to crash the application via a heap buffer overflow. The vulnerability requires local access and user interaction (opening a malicious file or network capture), making it a low-to-moderate priority for networked analyst workstations but not a remote code execution risk.

Denial Of Service Buffer Overflow Heap Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-7379 MEDIUM PATCH This Month

Memory leak in Wireshark sharkd service versions 4.6.0-4.6.4 and 4.4.0-4.4.14 allows local attackers with user interaction to trigger denial of service through exhaustion of system memory. The vulnerability stems from improper resource cleanup (CWE-401) during packet processing, enabling a local attacker with non-privileged access to crash the sharkd daemon or degrade system performance by repeatedly invoking operations that leak memory. No active exploitation has been confirmed at time of analysis, and exploitation requires local file system access combined with user interaction.

Denial Of Service Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-7375 MEDIUM PATCH This Month

Denial of service in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 via infinite loop in the UDS protocol dissector allows local attackers to crash the application by opening a specially crafted packet capture file. The vulnerability requires user interaction (opening a malicious file) and is triggered during packet dissection, affecting the availability of the analysis tool but not confidentiality or integrity.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-7376 MEDIUM PATCH This Month

Null pointer dereference in Wireshark sharkd 4.4.0-4.4.14 and 4.6.0-4.6.4 causes denial of service when processing crafted input, crashing the daemon. Local attackers with low privileges can trigger the crash via user interaction, rendering the packet analysis service unavailable. No authentication required, and publicly available exploit code does not appear to exist at time of analysis.

Null Pointer Dereference Denial Of Service Wireshark
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6535 MEDIUM PATCH This Month

Denial of service in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 causes application crash during zlib decompression in the packet dissection engine when processing malformed compressed traffic. Local attackers with user privileges can trigger the crash by opening a specially crafted pcap file or receiving a malicious packet capture, requiring user interaction but no authentication. No public exploit code or active exploitation has been identified at time of analysis.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6532 MEDIUM PATCH This Month

Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 crash when processing malformed Kismet protocol packets due to a buffer overflow in the Kismet dissector, allowing unauthenticated remote denial of service via a crafted network capture file or live traffic. User interaction (opening a malicious capture file or capturing traffic) is required. No public exploit code or active exploitation has been identified at the time of analysis.

Buffer Overflow Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6528 MEDIUM PATCH This Month

Infinite loop in the TLS protocol dissector of Wireshark 4.6.0 through 4.6.4 causes denial of service when processing malformed TLS packets. Local attackers can trigger the infinite loop by crafting packets and opening them with Wireshark, causing the application to hang or consume excessive CPU resources. User interaction is required to open the malicious packet capture, limiting the attack to scenarios where a victim is tricked into opening untrusted network traffic files.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-6521 MEDIUM PATCH This Month

Wireshark versions 4.6.0-4.6.4 and 4.4.0-4.4.14 are vulnerable to denial of service via infinite loops in the OpenFlow v5 protocol dissector when processing maliciously crafted packets. An attacker can trigger CPU exhaustion and application hang by delivering a specially crafted OpenFlow v5 packet to a user running an affected version, requiring user interaction (opening a capture file or live packet capture). No public exploit code has been identified, but the vulnerability is straightforward to trigger once the root cause is known.

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-7500 MEDIUM This Month

Keycloak's Account REST API remains partially accessible even when explicitly disabled via the `--features-disabled=account,account-api` flag, allowing authenticated users to read and modify account data through five unprotected endpoints under `/account/v1alpha1/` that lack the required `checkAccountApiEnabled()` access control gate present in four sibling endpoints within the same service class.

Information Disclosure Red Hat Build Of Keycloak
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-36756 MEDIUM This Month

Server-Side Request Forgery (SSRF) in Halo v2.22.14's /plugins/-/install-from-uri endpoint enables authenticated attackers to scan internal resources and potentially access sensitive information via crafted GET requests. The vulnerability requires valid authentication credentials but operates with low attack complexity over the network, exposing internal network topology and services to enumeration attacks.

SSRF N A
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-36766 MEDIUM This Month

Authenticated cross-site scripting (XSS) vulnerabilities in Shopizer v3.2.5's XssHttpServletRequestWrapper class allow authenticated attackers to execute arbitrary web scripts or HTML by injecting crafted payloads into the getInputStream() or getReader() functions. The vulnerability requires user interaction (UI:R) and authenticated access (PR:L), limiting exploitation to logged-in users who can be socially engineered into clicking malicious links or submitting forms. No public exploit code or active exploitation has been confirmed at time of analysis.

XSS N A
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-41654 MEDIUM PATCH GHSA This Month

Authenticated Server-Side Request Forgery (SSRF) in Weblate before 5.17.1 allows users with project.add permission to import crafted project backup ZIPs containing malicious repository URLs pointing to private addresses or using non-allowlisted schemes (file://, git://) that bypass URL validation. The vulnerability exists because bulk_create() circumvents Django's full_clean() validator; attackers can write arbitrary URLs into .git/config, enabling SSRF attacks against internal systems or protocol exploitation.

Python Authentication Bypass Suse
NVD GitHub
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-14688 MEDIUM PATCH This Month

Denial of service in IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 allows authenticated users to crash the database server via improper neutralization of special elements in query logic when specific configurations are present. Attack requires valid database credentials and high attack complexity, limiting exploitation to insiders or users with legitimate access. Vendor has released patches addressing the underlying query parsing flaw.

Microsoft Denial Of Service IBM
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-6498 MEDIUM This Month

Five Star Restaurant Reservations plugin for WordPress versions up to 2.7.16 allows unauthenticated attackers to bypass payment verification through PHP type juggling in the valid_payment() function. The vulnerability exists in the rtb_stripe_pmt_succeed AJAX handler, which uses loose comparison (==) between attacker-supplied payment_id and the booking's stripe_payment_intent_id. When the intent ID is null (before Stripe intent creation), an empty payment_id parameter passes validation, enabling attackers to mark payment-pending bookings as paid without completing actual Stripe payments. This permits unauthorized order fulfillment and revenue loss for affected WordPress sites.

WordPress Authentication Bypass PHP
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-36180 MEDIUM PATCH This Month

IBM watsonx.data versions 2.2 through 2.3 fail to enforce proper network segmentation between Kubernetes pods in the Lakehouse component, allowing attackers with network access to the cluster to transfer data between pods without authentication or authorization controls. This integrity vulnerability has a moderate CVSS score of 5.3 and requires adjacent network access and specific configuration conditions to exploit.

IBM Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-41226 MEDIUM This Month

Open redirect vulnerability in Ricoh Web Image Monitor affects multiple laser printers and multifunction printers, allowing unauthenticated remote attackers to redirect users to arbitrary websites via specially crafted URLs. Successful exploitation enables phishing attacks by deceiving users into visiting malicious sites while appearing to originate from trusted printer interfaces. No active exploitation has been confirmed, but the vulnerability requires only user interaction (clicking a malicious link) and affects all configurations by default.

Open Redirect
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-22726 MEDIUM This Month

Route Services in Cloud Foundry Routing Release v0.118.0-v0.371.0 and CF Deployment v0.0.2-v54.14.0 allow authenticated malicious developers to bypass application egress rules by configuring route-services that redirect traffic to internal network destinations otherwise unreachable from external networks or the application itself. This affects the scope of the routing infrastructure, enabling information disclosure and potential lateral movement within the Gorouter network.

Information Disclosure Routing Release Cf Deployment
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-36764 MEDIUM This Month

Server-side request forgery in SpringBlade v4.8.0 allows authenticated network attackers to scan internal resources by sending crafted GET requests to the /ureport/datasource/testConnection endpoint, enabling reconnaissance of non-routable or restricted-access network segments. The vulnerability affects confidentiality but requires valid authentication credentials to exploit.

SSRF
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-40687 MEDIUM PATCH This Month

Out-of-bounds write in Exim before 4.99.2 SPA authentication driver allows remote attackers to crash the mail server connection or leak uninitialized heap memory when processing adversarial SPA authentication resources, affecting confidentiality and availability of the mail service.

Buffer Overflow Suse
NVD VulDB
CVSS 3.1
4.8
EPSS
0.1%
CVE-2026-33448 MEDIUM PATCH This Month

Format string vulnerability in Secure Access client for macOS prior to version 14.50 allows authenticated local attackers to leak sensitive data from process memory via crafted logging input, potentially exposing secrets through log files. The vulnerability requires local access and valid user privileges but no user interaction. Patch is available from the vendor.

Information Disclosure Apple
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-5404 MEDIUM PATCH This Month

Denial of service in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 allows local attackers to crash the application by parsing malformed K12 RF5 files with user interaction. The vulnerability stems from a buffer overflow in the K12 RF5 file parser, requiring an attacker to trick a user into opening a crafted file. No public exploit code or active exploitation has been identified at time of analysis.

Denial Of Service Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-1493 MEDIUM PATCH This Month

DOM-based cross-site scripting in LEX Baza Dokumentów through version 1.3.3 allows attackers to execute arbitrary JavaScript in victim browsers via unsafe processing of the 'em' cookie parameter on the client side. Exploitation requires local access and user interaction, and the attacker must have the ability to set a cookie, significantly limiting real-world attack surface. The vendor has released patch version 1.3.4 to address this vulnerability.

XSS Lex Baza Dokument W
NVD VulDB
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-6539 MEDIUM PATCH This Month

Format string injection in Notepad++ 8.9.3 Find Results panel handler allows local attackers to cause denial of service and disclose stack memory by distributing malicious nativeLang.xml language pack files that trigger unsafe format string interpretation during search operations. User interaction is required to load the poisoned language pack and perform a search. No active exploitation confirmed, but patch is available from vendor.

Denial Of Service Information Disclosure Notepad
NVD
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-36758 MEDIUM This Month

Server-side request forgery in Halo v2.22.14 /themes/-/install-from-uri endpoint allows authenticated attackers to scan internal resources and access sensitive network information via crafted GET requests. The vulnerability requires valid authentication credentials but operates with low attack complexity and results in confidentiality impact through information disclosure of internal network topology and services.

SSRF N A
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-36757 MEDIUM This Month

Server-Side Request Forgery (SSRF) in Halo v2.22.14's /plugins/{name}/upgrade-from-uri endpoint permits authenticated attackers to scan internal network resources and retrieve sensitive data via crafted GET requests, potentially enabling reconnaissance of internal infrastructure. The vulnerability requires valid authentication credentials but operates with low attack complexity, affecting the confidentiality of internal resources without requiring user interaction or administrative privileges.

SSRF N A
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-41519 MEDIUM PATCH GHSA This Month

Weblate fails to revoke Django REST Framework API tokens when users change their passwords, allowing attackers with knowledge of a user's old credentials to continue accessing APIs indefinitely even after password changes. The vulnerability affects authenticated users on Weblate versions prior to 5.17.1 and requires high attack complexity due to the need for legitimate account access, but carries meaningful risk in multi-user translation environments where password compromise may go undetected.

Information Disclosure Suse
NVD GitHub
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-42798 MEDIUM PATCH This Month

Integer overflow in Little CMS color engine versions 2.16 through 2.18 allows local attackers to trigger integer overflow in the ParseCube function when processing specially crafted color lookup table (LUT) input files, potentially resulting in buffer overflow and denial of service or information disclosure. The vulnerability affects the CGATS parser used for loading ICC color profiles and LUT data. No public exploit code identified at time of analysis, though upstream fix is available in version 2.19.

Integer Overflow Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy