PatchSiren cyber security CVE debrief
CVE-2026-15165 Wireshark CVE debrief
CVE-2026-15165 is a vulnerability in Wireshark, a popular network protocol analyzer, that can cause a denial-of-service (DoS) attack. The issue arises from a TLS ECH decryptor crash in Wireshark versions 4.6.0 through 4.6.6. This vulnerability has been assigned a CVSS score of 5.5, indicating a medium severity level. Network administrators and security professionals should be aware of the potential impact on network infrastructure and take steps to mitigate the risk.
- Vendor
- Wireshark
- Product
- Wireshark
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-08
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-08
- Advisory updated
- 2026-07-10
Who should care
Network administrators and security professionals responsible for managing and securing network infrastructure should be aware of this vulnerability. Specifically, those using Wireshark versions 4.6.0 through 4.6.6 should take immediate action to mitigate the risk. This includes reviewing and updating system configurations, monitoring network traffic, and implementing additional security controls as needed.
Technical summary
The vulnerability is caused by a TLS ECH decryptor crash in Wireshark, which can be exploited to launch a denial-of-service (DoS) attack. The Common Vulnerabilities and Exposures (CVE) score for this vulnerability is 5.5, indicating a medium severity level. The CVSS vector for this vulnerability is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H. Affected systems include Wireshark versions 4.6.0 through 4.6.6.
Defensive priority
Medium priority should be given to patching or mitigating this vulnerability, as it can lead to a denial-of-service attack.
Recommended defensive actions
- Update Wireshark to version 4.6.7 or later
- Implement network segmentation to limit the attack surface
- Monitor network traffic for suspicious activity
- Consider using a Web Application Firewall (WAF) to detect and prevent attacks
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
The CVE record was published on 2026-07-08T21:16:47.450Z and was last modified on 2026-07-10T13:51:09.720Z. The NVD entry is currently Analyzed. Evidence is limited to public sources and may not reflect the full scope or impact of this vulnerability. Defenders should verify affected systems and review official advisories for specific guidance.
Official resources
-
CVE-2026-15165 CVE record
CVE.org
-
CVE-2026-15165 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Exploit, Issue Tracking, Third Party Advisory
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-08T21:16:47.450Z and has not been modified since then. The NVD entry is currently Analyzed.