SB2026070907 - Multiple vulnerabilities in Wireshark
Published: July 9, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 12 vulnerabilities.
1) Input validation error (CVE-ID: CVE-2026-15174)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in the Catapult DCT2000 protocol dissector when parsing malformed packets or packet trace files. A remote attacker can inject a malformed packet onto the wire or trick the victim into opening a malformed packet trace file to cause a denial of service.
User interaction is required when exploitation uses a malformed packet trace file.
2) Input validation error (CVE-ID: CVE-2026-15173)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in the pcapng file parser when parsing a malformed packet trace file. A remote attacker can trick the victim into opening a crafted packet trace file to cause a denial of service.
User interaction is required to open a crafted packet trace file.
3) Input validation error (CVE-ID: CVE-2026-15172)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in the FMP/NOTIFY protocol dissector when parsing malformed packets or packet trace files. A remote attacker can inject a malformed packet onto the wire or convince a victim to open a malformed packet trace file to cause a denial of service.
User interaction is required when exploitation is performed via a crafted packet trace file.
4) Input validation error (CVE-ID: CVE-2026-15171)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in the SSH protocol dissector when parsing a malformed packet trace file. A remote attacker can craft a malformed packet trace file to cause a denial of service.
User interaction is required to open the crafted packet trace file.
5) Input validation error (CVE-ID: CVE-2026-15165)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in TLS ECH decryption code when parsing a malformed packet trace file. A remote attacker can craft a malformed packet trace file to cause a denial of service.
User interaction is required to open the crafted packet trace file.
6) Input validation error (CVE-ID: CVE-2026-15166)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in the IEEE 802.11 protocol dissector when parsing a malformed packet trace file. A remote attacker can trick the victim into opening a crafted packet trace file to cause a denial of service.
User interaction is required to open the crafted packet trace file.
7) Input validation error (CVE-ID: CVE-2026-15170)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in the Z39.50 protocol dissector when parsing malformed packets or packet trace files. A remote attacker can inject a malformed packet onto the wire or trick the victim into opening a malformed packet trace file to cause a denial of service.
User interaction is required when exploitation is performed via a crafted packet trace file.
8) Input validation error (CVE-ID: CVE-2026-15169)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in the UMTS FP protocol dissector when parsing malformed packet data. A remote attacker can inject a malformed packet onto the wire or trick a victim into opening a malformed packet trace file to cause a denial of service.
User interaction is required when exploitation is performed via a crafted packet trace file.
9) Out-of-bounds read (CVE-ID: CVE-2026-15168)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to out-of-bounds read in the BLF file parser when parsing a malformed packet trace file. A remote attacker can trick the victim into opening a crafted file to disclose sensitive information.
User interaction is required to open a crafted packet trace file.
10) Infinite loop (CVE-ID: CVE-2026-15163)
CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to an infinite loop in the MIH, MPEG DSM-CC, eDonkey, and MEGACO protocol dissectors when parsing malformed packets or crafted packet trace files. A remote attacker can inject a malformed packet onto the wire or convince a victim to open a malformed packet trace file to cause a denial of service.
User interaction is required when exploitation uses a crafted packet trace file.
11) Input validation error (CVE-ID: CVE-2026-15167)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in the DBS Etherwatch file parser when parsing a malformed packet trace file. A remote attacker can trick the victim into opening a crafted packet trace file to cause a denial of service.
User interaction is required to open the crafted file.
12) Input validation error (CVE-ID: CVE-2026-15164)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in ciscodump extcap when connecting to a hostile device. A remote attacker can present a hostile device to cause a denial of service.
User interaction is required to connect to the hostile device.
Remediation
Install update from vendor's website.
References
- https://www.wireshark.org/security/wnpa-sec-2026-52.html
- https://gitlab.com/wireshark/wireshark/-/issues/21270
- https://www.wireshark.org/security/wnpa-sec-2026-53.html
- https://gitlab.com/wireshark/wireshark/-/issues/21285
- https://www.wireshark.org/security/wnpa-sec-2026-54.html
- https://gitlab.com/wireshark/wireshark/-/issues/21347
- https://www.wireshark.org/security/wnpa-sec-2026-55.html
- https://gitlab.com/wireshark/wireshark/-/issues/21378
- https://www.wireshark.org/security/wnpa-sec-2026-56.html
- https://gitlab.com/wireshark/wireshark/-/issues/21390
- https://www.wireshark.org/security/wnpa-sec-2026-57.html
- https://gitlab.com/wireshark/wireshark/-/issues/21391
- https://www.wireshark.org/security/wnpa-sec-2026-58.html
- https://gitlab.com/wireshark/wireshark/-/issues/21397
- https://www.wireshark.org/security/wnpa-sec-2026-59.html
- https://gitlab.com/wireshark/wireshark/-/issues/21398
- https://www.wireshark.org/security/wnpa-sec-2026-60.html
- https://gitlab.com/wireshark/wireshark/-/issues/21361
- https://www.wireshark.org/security/wnpa-sec-2026-61.html
- https://gitlab.com/wireshark/wireshark/-/issues/21275
- https://www.wireshark.org/security/wnpa-sec-2026-62.html
- https://gitlab.com/wireshark/wireshark/-/issues/21352
- https://www.wireshark.org/security/wnpa-sec-2026-63.html
- https://gitlab.com/wireshark/wireshark/-/issues/21375