CVE-2026-6535
Dissection engine zlib decompression crash in Wireshark
Publication date: 2026-04-30
Last updated on: 2026-05-01
Assigner: GitLab Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wireshark | wireshark | From 4.4.0 (inc) to 4.4.14 (inc) |
| wireshark | wireshark | From 4.6.0 (inc) to 4.6.4 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1325 | The product manages a group of objects or resources and performs a separate memory allocation for each object, but it does not properly limit the total amount of memory that is consumed by all of the combined objects. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a crash in the zlib decompression component of Wireshark's dissection engine. Specifically, in affected versions of Wireshark (4.6.0 to 4.6.4 and 4.4.0 to 4.4.14), the zlib decompressor can crash when processing certain data, leading to a denial of service condition.
How can this vulnerability impact me? :
The primary impact of this vulnerability is a denial of service (DoS). An attacker could cause Wireshark to crash by sending specially crafted data that triggers the zlib decompression crash. This could disrupt network analysis or monitoring activities that rely on Wireshark.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the dissection engine zlib decompression crash vulnerability in Wireshark, you should upgrade Wireshark to a fixed version.
- Upgrade to Wireshark version 4.6.5 or later.
- Alternatively, upgrade to Wireshark version 4.4.15 or later if you are using the 4.4.x series.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.