Description
Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.
Below is a complete list of vulnerabilities:
- Heap overflow vulnerability in TLS protocol dissector can be exploited to cause denial of service or execute arbitrary code.
- A denial of service vulnerability in SDP protocol dissector can be exploited to cause a denial of service.
- Infinite loop vulnerability in DLMS/COSEM protocol dissector can be exploited to cause a denial of service.
- Infinite loop vulnerability in TLS protocol dissector can be exploited to cause a denial of service.
- A denial of service vulnerability in RTSP protocol dissector can be exploited to cause a denial of service.
- A denial of service vulnerability in IEEE 802.11 protocol dissector can be exploited to cause a denial of service.
Original advisories
wnpa-sec-2026-14 · TLS dissector crash and possible code execution
- wnpa-sec-2026-19 · SDP dissector crash
- wnpa-sec-2026-25 · DLMS/COSEM dissector infinite loop
- wnpa-sec-2026-33 · TLS protocol dissector infinite loop
- wnpa-sec-2026-35 · RTSP protocol dissector crash
- wnpa-sec-2026-36 · IEEE 802.11 protocol dissector crash
Exploitation
Public exploits exist for this vulnerability.
Related products
CVE list
- CVE-2026-5402 critical
- CVE-2026-5655 critical
- CVE-2026-6526 high
- CVE-2026-6528 high
- CVE-2026-6536 high
- CVE-2026-6525 high
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!