CVE-2026-15172
Received Received - Intake

FMP/NOTIFY Protocol Dissector DoS in Wireshark

Vulnerability report for CVE-2026-15172, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-08

Last updated on: 2026-07-08

Assigner: GitLab Inc.

Description

FMP/NOTIFY protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-08
Last Modified
2026-07-08
Generated
2026-07-09
AI Q&A
2026-07-09
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
wireshark wireshark From 4.6.0 (inc) to 4.6.6 (inc)
wireshark wireshark From 4.4.0 (inc) to 4.4.16 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-606 The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a crash in the FMP/NOTIFY protocol dissector component of Wireshark versions 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16. It causes the application to crash when processing certain protocol data, leading to a denial of service condition.

Impact Analysis

The impact of this vulnerability is a denial of service (DoS) attack. An attacker could cause Wireshark to crash by sending specially crafted FMP/NOTIFY protocol data, disrupting network traffic analysis or monitoring activities.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-15172. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart