Home / Vulnerability Intelligence / CVE-2026-6534

CVE-2026-6534 - Vulnerability Analysis

MediumCVSS: 5.5

Last Updated: May 1, 2026

Wireshark - Denial of Service

Published: April 30, 2026Updated: May 1, 2026PoC Available

Overview

Wireshark 4.4.0 to 4.4.14 and 4.6.0 to 4.6.4 contain an infinite loop vulnerability in the USB HID protocol dissector, letting remote attackers cause denial of service, exploit requires crafted USB HID packets.

Severity & Score

Severity: Medium

CVSS Score: 5.5

Impact

Attackers can cause denial of service by triggering an infinite loop in the USB HID dissector, leading to application crash or hang.

Mitigation

Update to a version later than 4.6.4 or 4.4.14.

References

https://gitlab.com/wireshark/wireshark/-/work_items/21121
https://gitlab.com/wireshark/wireshark/-/issues/21121
https://www.wireshark.org/security/wnpa-sec-2026-27.html

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-6534
Severity: Medium
CVSS Score: 5.5
Type: denial_of_service
Status: confirmed

CWE

CWE-835

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H