Description
FMP/NOTIFY protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
Published: 2026-07-08
Score: 5.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from unchecked input used to control a loop condition in Wireshark's FMP/NOTIFY protocol dissector. When a packet containing malformed data is parsed, the loop fails to terminate correctly and the program crashes, providing an attacker with a denial‑of‑service vector. This weakness is identified as CWE‑606, reflecting improper validation of input before use.

Affected Systems

All releases of Wireshark from version 4.4.0 through 4.4.16, and from 4.6.0 through 4.6.6, are affected. The impact is limited to the Wireshark application on the host where the dissection occurs.

Risk and Exploitability

The CVSS score of 5.5 indicates medium severity. EXS is not available, so the likelihood of exploitation is unknown, and the vulnerability is not listed in CISA's KEV catalog. Attackers can exploit it by presenting a crafted packet or pcap file to Wireshark, causing the application to crash locally on the victim’s machine. The exploitation does not grant code execution or elevate privileges, but it compromises availability of the network‑analysis tool.

Generated by OpenCVE AI on July 9, 2026 at 03:58 UTC.

Remediation

Vendor Solution

Upgrade to version 4.6.7 or above


OpenCVE Recommended Actions

  • Apply the official vendor patch by upgrading Wireshark to version 4.6.7 or later, which includes the necessary fix for the loop‑condition check.
  • If immediate upgrade is not possible, restrict the use of Wireshark to trusted capture files and avoid opening unverified network traffic that might contain malicious packets.
  • Run Wireshark under the principle of least privilege, ensuring that it does not run with elevated rights so that a crash cannot affect the broader system environment.

Generated by OpenCVE AI on July 9, 2026 at 03:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 08 Jul 2026 23:15:00 +0000

Type Values Removed Values Added
First Time appeared Wireshark
Wireshark wireshark
Vendors & Products Wireshark
Wireshark wireshark

Wed, 08 Jul 2026 21:15:00 +0000

Type Values Removed Values Added
Description FMP/NOTIFY protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
Title Unchecked Input for Loop Condition in Wireshark
Weaknesses CWE-606
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}


Subscriptions

Wireshark Wireshark
cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-07-08T20:51:20.287Z

Reserved: 2026-07-08T20:45:58.875Z

Link: CVE-2026-15172

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-09T04:00:11Z

Weaknesses
  • CWE-606

    Unchecked Input for Loop Condition