PatchSiren cyber security CVE debrief
CVE-2026-5403 Wireshark Foundation CVE debrief
A vulnerability in Wireshark's SBC codec handling can lead to a denial of service and potential code execution. The issue affects Wireshark versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14. This CVE has a CVSS score of 7.8 and is considered high severity. The flaw manifests as a crash in the SBC codec handling. Users should update to a patched version of Wireshark to mitigate this vulnerability.
- Vendor: Wireshark Foundation
- Product: Wireshark
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-01
- Original CVE updated: 2026-06-30
- Advisory published: 2026-05-01
- Advisory updated: 2026-06-30
Who should care
Network administrators and security teams responsible for managing Wireshark installations should be aware of this vulnerability. Additionally, developers working with Wireshark or similar network protocol analyzers may need to take precautions. Users of Wireshark versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 are at risk and should take action.
Technical summary
CVE-2026-5403 is a crash in the SBC codec handling in Wireshark. It can lead to a denial of service and potentially allow code execution. The vulnerability affects Wireshark versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 7.8, indicating high severity. The CVSS vector is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, which describes a local attack vector that needs no privileges but does require user interaction.
Defensive priority
This vulnerability has a high CVSS score of 7.8, indicating that it should be prioritized for remediation. Network administrators and security teams should take immediate action to update Wireshark to a patched version.
Recommended defensive actions
- Update Wireshark to a patched version (4.6.5 or later, or 4.4.15 or later)
- Review and apply vendor-provided security advisories and patches
- Monitor network traffic and system logs for potential exploitation attempts
- Consider implementing compensating controls, such as network segmentation or access restrictions
- Verify that Wireshark installations are up-to-date and compliant with organizational security policies
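One way to carry out the version check in the list above, as an added example that is not part of the original debrief or of Wireshark's tooling: it classifies reported version strings against the affected ranges stated on this page. The inventory format, hostnames and status labels are assumptions; the sample strings are constructed in the style of `tshark --version` output and package listings.

```python
import re

# Affected branches as stated in this debrief: branch -> first fixed release.
# Both branches are affected from their .0 release onward.
FIRST_FIXED = {(4, 6): (4, 6, 5), (4, 4): (4, 4, 15)}

# First x.y.z triple that is not part of a longer dotted number (e.g. an IP).
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)(?!\.?\d)")


def parse_version(text):
    """Return the first x.y.z version in text as a tuple of ints, or None."""
    match = _VERSION_RE.search(text)
    return tuple(int(part) for part in match.groups()) if match else None


def classify(text):
    """Map a reported version string to a CVE-2026-5403 status."""
    version = parse_version(text)
    if version is None:
        return "unknown"
    fixed = FIRST_FIXED.get(version[:2])
    if fixed is None:
        return "not-covered"  # the debrief says nothing about this branch
    return "affected" if version < fixed else "patched"


def triage(inventory):
    """Return {host: status} for (host, version string) pairs."""
    return {host: classify(reported) for host, reported in inventory}


# Constructed sample inventory; hostnames and build suffixes are made up.
# Distribution packages may backport fixes without changing the upstream
# version, so treat "affected" on a packaged build as a prompt to check
# the package changelog.
SAMPLE_INVENTORY = [
    ("ws-01", "TShark (Wireshark) 4.6.3 (v4.6.3-0-g000000000000)."),
    ("ws-02", "TShark (Wireshark) 4.6.5 (v4.6.5-0-g000000000000)."),
    ("ws-03", "Wireshark 4.4.14"),
    ("ws-04", "wireshark 4.4.15-1"),
    ("ws-05", "TShark (Wireshark) 4.2.9"),
    ("ws-06", "not installed"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" or "not-covered" need a manual look, since the debrief only makes statements about the 4.6 and 4.4 branches.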
Evidence notes
The CVE-2026-5403 vulnerability is documented in the official CVE record and NVD detail pages. Additional information can be found in vendor advisories and issue tracking systems. The vulnerability affects Wireshark versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14.
Official resources
- CVE-2026-5403 CVE record: CVE.org
- CVE-2026-5403 NVD detail: NVD
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Exploit, Issue Tracking, Third Party Advisory
- Mitigation or vendor reference: [email protected] - Vendor Advisory
- Source reference: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
This article is AI-assisted and based on the supplied source corpus.