CVE-2026-15163
Received Received - Intake

Protocol Dissector Infinite Loop in Wireshark

Vulnerability report for CVE-2026-15163, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-08

Last updated on: 2026-07-08

Assigner: GitLab Inc.

Description

Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-08
Last Modified
2026-07-08
Generated
2026-07-09
AI Q&A
2026-07-09
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
wireshark wireshark From 4.6.0 (inc) to 4.6.6 (inc)
wireshark wireshark From 4.4.0 (inc) to 4.4.16 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-835 The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability involves multiple protocol dissectors in Wireshark versions 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 that can enter infinite loops.

These infinite loops occur during the processing of certain network protocols, which can cause the application to become unresponsive.

The issue allows an attacker to cause a denial of service by exploiting these infinite loops.

Impact Analysis

The primary impact of this vulnerability is denial of service.

An attacker could exploit the infinite loops in Wireshark's protocol dissectors to cause the application to hang or crash, disrupting network analysis activities.

Since the vulnerability requires local access (AV:L) and user interaction (UI:R), the risk is somewhat limited to users running the affected versions of Wireshark.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-15163. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart