Home / Vulnerability Intelligence / CVE-2026-5405

CVE-2026-5405 - Vulnerability Analysis

HighCVSS: 7.8

Last Updated: May 1, 2026

Wireshark - Denial of Service & Remote Code Execution

Published: May 1, 2026Updated: May 1, 2026PoC Available

Overview

Wireshark 4.4.0 to 4.4.14 and 4.6.0 to 4.6.4 contain a denial of service and possible code execution caused by a crash in the RDP protocol dissector, letting remote attackers disrupt service or execute code, exploit requires crafted packets.

Severity & Score

Severity: High

CVSS Score: 7.8

Impact

Attackers can cause denial of service or possibly execute code remotely, disrupting network analysis or compromising the system.

Mitigation

Update to the latest version beyond 4.6.4 or 4.4.14.

References

https://gitlab.com/wireshark/wireshark/-/issues/21105
https://www.wireshark.org/security/wnpa-sec-2026-17.html
https://gitlab.com/wireshark/wireshark/-/work_items/21105

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-5405
Severity: High
CVSS Score: 7.8
Type: undefined
Status: confirmed

CWE

CWE-122
CWE-787

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H