Input validation error in Wireshark - CVE-2026-15165
Published: July 9, 2026
Wireshark
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in TLS ECH decryption code when parsing a malformed packet trace file. A remote attacker can craft a malformed packet trace file to cause a denial of service.
User interaction is required to open the crafted packet trace file.