Wireshark Foundation Wireshark vulnerabilities

83 known vulnerabilities affecting wireshark_foundation/wireshark.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL1HIGH41MEDIUM41

Vulnerabilities

Page 1 of 5

CVE-2026-3203HIGHCVSS 7.5≥ 4.6.0, < 4.6.4≥ 4.4.0, < 4.4.142026-02-25

CVE-2026-3203 [HIGH] CWE-126 CVE-2026-3203: RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

cvelistv5nvd

CVE-2026-3201HIGHCVSS 7.5≥ 4.6.0, < 4.6.4≥ 4.4.0, < 4.4.142026-02-25

CVE-2026-3201 [HIGH] CWE-1325 CVE-2026-3201: USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

cvelistv5nvd

CVE-2026-3202HIGHCVSS 7.5≥ 4.6.0, < 4.6.42026-02-25

CVE-2026-3202 [HIGH] CWE-476 CVE-2026-3202: NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service

cvelistv5nvd

CVE-2026-0960MEDIUMCVSS 5.5≥ 4.6.0, < 4.6.32026-01-14

CVE-2026-0960 [MEDIUM] CWE-835 CVE-2026-0960: HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service

cvelistv5nvd

CVE-2026-0962MEDIUMCVSS 6.5≥ 4.6.0, < 4.6.3≥ 4.4.0, < 4.4.132026-01-14

CVE-2026-0962 [MEDIUM] CWE-787 CVE-2026-0962: SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

cvelistv5nvd

CVE-2026-0961MEDIUMCVSS 6.5≥ 4.6.0, < 4.6.3≥ 4.4.0, < 4.4.132026-01-14

CVE-2026-0961 [MEDIUM] CWE-787 CVE-2026-0961: BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

cvelistv5nvd

CVE-2026-0959MEDIUMCVSS 6.5≥ 4.6.0, < 4.6.3≥ 4.4.0, < 4.4.132026-01-14

CVE-2026-0959 [MEDIUM] CWE-787 CVE-2026-0959: IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial o IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

cvelistv5nvd

CVE-2025-13946MEDIUMCVSS 5.5≥ 4.6.0, < 4.6.1≥ 4.4.0, < 4.4.112025-12-03

CVE-2025-13946 [MEDIUM] CWE-835 CVE-2025-13946: MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of serv MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service

cvelistv5nvd

CVE-2025-13945MEDIUMCVSS 5.5≥ 4.6.0, < 4.6.12025-12-03

CVE-2025-13945 [MEDIUM] CWE-1325 CVE-2025-13945: HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service

cvelistv5nvd

CVE-2025-13674MEDIUMCVSS 5.5v4.6.02025-11-26

CVE-2025-13674 [MEDIUM] CWE-824 CVE-2025-13674: BPv7 dissector crash in Wireshark 4.6.0 allows denial of service BPv7 dissector crash in Wireshark 4.6.0 allows denial of service

cvelistv5nvd

CVE-2025-13499MEDIUMCVSS 5.5v4.6.0≥ 4.4.0, < 4.4.112025-11-21

CVE-2025-13499 [MEDIUM] CWE-824 CVE-2025-13499: Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service

cvelistv5nvd

CVE-2025-11626MEDIUMCVSS 5.5≥ 4.4.0, < 4.4.10≥ 4.2.0, < 4.2.142025-10-10

CVE-2025-11626 [MEDIUM] CWE-835 CVE-2025-11626: MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of servi MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service

cvelistv5nvd

CVE-2025-9817HIGHCVSS 7.5≥ 4.4.0, < 4.4.92025-09-03

CVE-2025-9817 [HIGH] CWE-476 CVE-2025-9817: SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service

cvelistv5nvd

CVE-2025-5601MEDIUMCVSS 6.5≥ 4.4.0, < 4.4.7≥ 4.2.0, < 4.2.132025-06-04

CVE-2025-5601 [MEDIUM] CWE-120 CVE-2025-5601: Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2025-1492HIGHCVSS 7.5≥ 4.4.0, < 4.4.4≥ 4.2.0, < 4.2.112025-02-20

CVE-2025-1492 [HIGH] CWE-674 CVE-2025-1492: Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows de Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2024-11595MEDIUMCVSS 5.5≥ 4.4.0, < 4.4.2≥ 4.2.0, < 4.2.92024-11-21

CVE-2024-11595 [MEDIUM] CWE-835 CVE-2024-11595: FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of s FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2024-11596MEDIUMCVSS 5.5≥ 4.4.0, < 4.4.2≥ 4.2.0, < 4.2.92024-11-21

CVE-2024-11596 [MEDIUM] CWE-126 CVE-2024-11596: ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via pac ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2024-9781HIGHCVSS 7.5≥ 4.4.0, < 4.4.1≥ 4.2.0, < 4.2.82024-10-10

CVE-2024-9781 [HIGH] CWE-230 CVE-2024-9781: AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2024-9780MEDIUMCVSS 5.5≥ 4.4.0, < 4.4.12024-10-10

CVE-2024-9780 [MEDIUM] CWE-456 CVE-2024-9780: ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capt ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

CVE-2024-8645MEDIUMCVSS 5.5≥ 4.2.0, < 4.2.6≥ 4.0.0, < 4.0.162024-09-10

CVE-2024-8645 [MEDIUM] CWE-824 CVE-2024-8645: SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via pa SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file

cvelistv5nvd

1 / 5Next →