Home / Vulnerability Intelligence / CVE-2026-6531

CVE-2026-6531 - Vulnerability Analysis

MediumCVSS: 5.5

Last Updated: May 1, 2026

Wireshark - Denial of Service

Published: April 30, 2026Updated: May 1, 2026PoC Available

Overview

Wireshark 4.4.0 to 4.4.14 and 4.6.0 to 4.6.4 contain an infinite loop vulnerability in the SANE protocol dissector, letting remote attackers cause denial of service, exploit requires crafted packets.

Severity & Score

Severity: Medium

CVSS Score: 5.5

Impact

Attackers can cause denial of service by triggering an infinite loop in the protocol dissector.

Mitigation

Update to the latest version beyond 4.6.4 or 4.4.14.

References

https://gitlab.com/wireshark/wireshark/-/issues/21139
https://www.wireshark.org/security/wnpa-sec-2026-30.html
https://gitlab.com/wireshark/wireshark/-/work_items/21139

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-6531
Severity: Medium
CVSS Score: 5.5
Type: denial_of_service
Status: confirmed

CWE

CWE-835

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H