
Wireshark EUVD-2026-26347

CVE-2026-6869 MEDIUM
Improperly Controlled Sequential Memory Allocation (CWE-1325)
2026-04-30 GitLab
5.5 (CVSS 3.1 · NVD)

Severity by source

NVD (primary): 5.5 MEDIUM, AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE: MEDIUM (qualitative)
Red Hat: 6.5 MEDIUM (qualitative)

Primary rating from NVD.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

Patch released: May 01, 2026 - 18:15 (nvd), Patch available
Patch available: Apr 30, 2026 - 08:16 (EUVD)
Analysis Generated: Apr 30, 2026 - 06:45 (vuln.today)
EUVD ID Assigned: Apr 30, 2026 - 06:30 (euvd), EUVD-2026-26347
Analysis Generated: Apr 30, 2026 - 06:30 (vuln.today)
CVE Published: Apr 30, 2026 - 05:33 (nvd), MEDIUM 5.5

Description (CVE.org)

WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

Analysis (AI)

Wireshark versions 4.6.0-4.6.4 and 4.4.0-4.4.14 crash when processing malformed WebSocket protocol packets, enabling local denial of service. An attacker with the ability to trigger packet dissection, either by crafting a malicious PCAP file or intercepting traffic on a local network, can force the application to crash by supplying a WebSocket frame that triggers an unhandled error condition in the protocol dissector. …


Attack Chain (AI, derived)

Hypothetical attack flow derived from CVE metadata

Recon: Attacker crafts malformed WebSocket frame
Delivery: Delivers frame via PCAP file or network injection
Exploit: User opens file or monitors live traffic
Install: Wireshark dissector parses frame
C2: Unhandled error in dissector logic
Execute: Application crash
Impact: Service unavailability

Vulnerability Assessment (AI)

Exploitation: The vulnerability requires a user to either open a malicious PCAP file containing a crafted WebSocket frame or actively monitor network traffic (live capture) on a network segment where an attacker can inject malformed WebSocket frames. …
Risk Assessment: CVSS 5.5 with local attack vector and user interaction requirement indicates moderate real-world risk. …
Exploit Scenario: A security analyst working for a financial services firm receives a PCAP file from a partner during incident response, purportedly containing suspicious encrypted traffic. The analyst opens the file in Wireshark 4.6.2 to inspect packet metadata. …
Remediation: Upgrade Wireshark immediately to version 4.6.5 or later (for the 4.6 branch) or version 4.4.15 or later (for the 4.4 branch). …


Vendor Status

SUSE

Severity: Medium
Product: Status
openSUSE Tumbleweed: Fixed
SUSE Linux Enterprise Desktop 15 SP7: Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7: Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7: Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7: Fixed
