Description
MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Published: 2026-04-30
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a crash in the Wireshark MySQL protocol dissector caused by access of an uninitialized pointer, identified as CWE-824. When the dissector parses malicious MySQL traffic, it may terminate Wireshark, preventing further analysis and potentially disrupting network troubleshooting workflows. This loss of availability could affect a single user or a team that relies on Wireshark for monitoring and diagnostics.

Affected Systems

Wireshark Foundation’s Wireshark product is affected. Versions 4.4.0 through 4.4.14 and 4.6.0 through 4.6.4 are vulnerable. All other releases are not impacted.

Risk and Exploitability

The vulnerability has a CVSS score of 5.5, indicating a moderate impact. An exploitation scenario requires Wireshark to process a crafted MySQL packet, so the attack vector is likely indirect, relying on an attacker to supply targeted traffic to a user’s Wireshark session. The EPSS score is not available, but the lack of cataloguing in CISA KEV suggests limited current exploitation. The risk is present for systems that capture or open MySQL traffic without verification.

Generated by OpenCVE AI on April 30, 2026 at 13:50 UTC.

Remediation

Vendor Solution

Upgrade to version 4.6.5 or above

OpenCVE Recommended Actions

  • Upgrade Wireshark to version 4.6.5 or later to remove the crash path.
  • If an upgrade is not currently possible, disable the MySQL dissector plugin while analyzing untrusted capture files to prevent the crash from occurring.
  • Continuously review Wireshark security advisories for additional guidance and monitor for further updates.

Generated by OpenCVE AI on April 30, 2026 at 13:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 30 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 30 Apr 2026 08:15:00 +0000

Type Values Removed Values Added
First Time appeared Wireshark
Wireshark wireshark
Vendors & Products Wireshark
Wireshark wireshark

Thu, 30 Apr 2026 06:30:00 +0000

Type Values Removed Values Added
Description MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Title Access of Uninitialized Pointer in Wireshark
Weaknesses CWE-824
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

Subscriptions

Wireshark Wireshark
cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-04-30T15:19:54.077Z

Reserved: 2026-04-17T15:05:32.680Z

Link: CVE-2026-6524

cve-icon Vulnrichment

Updated: 2026-04-30T15:02:54.538Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2026-04-30T07:16:39.637

Modified: 2026-04-30T15:10:10.430

Link: CVE-2026-6524

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-30T14:00:22Z

Weaknesses