
Wireshark EUVD-2026-26340 | CVE-2026-6533 MEDIUM
Improperly Controlled Sequential Memory Allocation (CWE-1325)
2026-04-30 GitLab
5.5 (CVSS 3.1 · NVD)

Severity by source

NVD (primary): 5.5 MEDIUM, AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE: MEDIUM (qualitative)
Red Hat: 6.5 MEDIUM (qualitative)

Primary rating from NVD.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline (6 events)

May 01, 2026 - 18:16 (nvd): Patch released. Patch available
Apr 30, 2026 - 08:16 (EUVD): Patch available
Apr 30, 2026 - 06:47 (vuln.today): Analysis Generated
Apr 30, 2026 - 06:30 (euvd): EUVD ID Assigned. EUVD-2026-26340
Apr 30, 2026 - 06:30 (vuln.today): Analysis Generated
Apr 30, 2026 - 05:36 (nvd): CVE Published. MEDIUM 5.5

Description (CVE.org)

Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

Analysis (AI)

Denial of service in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 allows local attackers to crash the application by triggering an unhandled exception in the LZ77 decompression engine when processing malformed compressed packet data. The vulnerability requires user interaction (opening a crafted packet capture file or receiving a malicious packet) but causes immediate application termination, impacting network analysis workflows.

Attack Chain (AI, Derived)

Hypothetical attack flow derived from CVE metadata

Recon: Attacker crafts malformed compressed packet
Delivery: Places file in accessible location or sends to target
Exploit: Analyst opens file in Wireshark
Install: Dissection engine parses packet headers
C2: LZ77 decompression triggered on payload
Execute: Unhandled exception in decompression loop
Impact: Wireshark crashes, denial of service

Vulnerability Assessment (AI)

Exploitation: User interaction is required: the victim must actively open a crafted packet capture file (.pcap or .pcapng format) in Wireshark, or the application must capture live traffic containing the malformed compressed payload. …

Risk Assessment: CVSS 5.5 (Medium) reflects local attack vector and requirement for user interaction (UI:R), but the actual risk is moderate. …

Exploit Scenario: An attacker crafts a malformed packet capture file containing a compressed payload with invalid LZ77 decompression markers and sends it to a network analyst or places it on a file-sharing system. When the analyst opens the file in Wireshark, the dissection engine attempts to decompress the payload, triggers the unhandled exception in the LZ77 decompression logic, and Wireshark crashes, terminating the analyst's work session and requiring manual recovery.

Remediation: Upgrade Wireshark to version 4.6.5 or later (to patch 4.6.x branch) or 4.4.15 or later (to patch 4.4.x branch). …

Vendor Status (Vendor)

SUSE

Severity: Medium
Product: Status
openSUSE Tumbleweed: Fixed
SUSE Linux Enterprise Desktop 15 SP7: Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7: Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7: Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7: Fixed
