CVE-2026-7378
Received Received - Intake

sharkd Denial of Service Vulnerability

Vulnerability report for CVE-2026-7378, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-30

Last updated on: 2026-05-01

Assigner: GitLab Inc.

Description

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-30
Last Modified
2026-05-01
Generated
2026-07-06
AI Q&A
2026-04-30
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
wireshark wireshark From 4.4.0 (inc) to 4.4.15 (exc)
wireshark wireshark From 4.6.0 (inc) to 4.6.5 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The provided information does not specify any direct impact of the CVE-2026-7378 vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

The CVE-2026-7378 vulnerability affects the Wireshark Sharkd utility, causing it to crash due to a heap-buffer-overflow issue. This happens when sharkd uses a cached filter bitmap from a previously loaded capture file that is smaller than the frame count of a newly loaded capture. Because the cache is never invalidated, a read operation can go beyond the allocated memory, leading to a crash.

The affected versions are Wireshark Sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14. The vulnerability can be triggered by providing a specially crafted input file to sharkd.

Impact Analysis

This vulnerability can cause a denial of service by crashing the sharkd utility when it processes certain input files. While there are no known exploits in the wild, an attacker could potentially trigger a crash by supplying a specially crafted capture file, disrupting network analysis or monitoring activities that rely on sharkd.

Detection Guidance

There are no specific detection commands or network/system detection methods provided for this vulnerability in the available resources.

The vulnerability is triggered by providing a specially crafted input file to the sharkd utility, which causes a heap-buffer-overflow and crash.

Detection would likely involve monitoring for crashes or abnormal behavior in the sharkd process when processing capture files.

Mitigation Strategies

The recommended immediate mitigation step is to upgrade the Wireshark sharkd utility to version 4.6.5, 4.4.15, or later.

Upgrading will address the heap-buffer-overflow vulnerability and prevent potential denial of service caused by crashes.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-7378. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart