Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service

Project Subscriptions

Vendors Products
Wireshark Subscribe
Wireshark Subscribe
Advisories

No advisories yet.

Fixes

Solution

Upgrade to version 4.6.7 or above


Workaround

No workaround given by the vendor.

History

Thu, 09 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 09 Jul 2026 12:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Moderate


Wed, 08 Jul 2026 23:00:00 +0000

Type Values Removed Values Added
First Time appeared Wireshark
Wireshark wireshark
Vendors & Products Wireshark
Wireshark wireshark

Wed, 08 Jul 2026 21:15:00 +0000

Type Values Removed Values Added
Description Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service
Title Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
Weaknesses CWE-835
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-07-09T13:49:25.283Z

Reserved: 2026-07-08T20:45:13.994Z

Link: CVE-2026-15163

cve-icon Vulnrichment

Updated: 2026-07-09T13:49:21.763Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-07-08T20:50:40Z

Links: CVE-2026-15163 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-07-08T22:45:08Z

Weaknesses