PatchSiren

Wireshark Foundation CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Wireshark Foundation CVE published 2026-07-08

CVE-2026-15164

A medium severity denial of service vulnerability was found in Wireshark's ciscodump feature. The vulnerability affects Wireshark versions 4.4.0 to 4.4.16 and 4.6.0 to 4.6.6. An attacker could exploit this vulnerability to crash the ciscodump feature, leading to a denial of service. This issue is caused by a crash in the ciscodump feature of Wireshark, which is used to capture and analyze Cisco device dat [truncated]

MEDIUM Wireshark Foundation CVE published 2026-05-27

CVE-2026-9759

A denial-of-service vulnerability exists in the ROHC (Robust Header Compression) protocol dissector of Wireshark versions 4.6.0 through 4.6.5 and 4.4.0 through 4.4.15. The flaw can cause the dissector to crash when processing malformed ROHC traffic, resulting in loss of availability for the Wireshark application. The vulnerability is classified as CWE-476 (NULL Pointer Dereference) and carries a CVSS 3.1 [truncated]

HIGH Wireshark Foundation CVE published 2026-05-01

CVE-2026-5403

A vulnerability in Wireshark's SBC codec handling can lead to a denial of service and potential code execution. The issue affects Wireshark versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14. This CVE has a CVSS score of 7.8 and is considered high severity. The vulnerability is caused by a crash in the SBC codec handling. Users should update to a patched version of Wireshark to mitigate this vulnerability.

HIGH Wireshark Foundation CVE published 2026-04-30

CVE-2026-5402

CVE-2026-5402 is a high-severity vulnerability in Wireshark, a popular network protocol analyzer. The vulnerability is caused by a heap overflow in the TLS protocol dissector, which could lead to denial-of-service (DoS) attacks and potentially allow for code execution. The vulnerability affects Wireshark versions 4.6.0 to 4.6.4. The Common Vulnerability Scoring System (CVSS) score for this vulnerability i [truncated]