Description
RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4
Published: 2026-04-30
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A null pointer dereference occurs in the RTSP protocol dissector of Wireshark versions 4.6.0 through 4.6.4, triggering a crash when the software attempts to process an RTSP packet. The flaw results in a denial of service by causing the Wireshark process to terminate unexpectedly, but it does not provide remote code execution or data exfiltration capabilities. The vulnerability is a classic null pointer dereference (CWE‑476) and also involves a use‑after‑free or similar condition (CWE‑617).

Affected Systems

The vulnerability affects Wireshark software distributed by the Wireshark Foundation. All installations running versions 4.6.0, 4.6.1, 4.6.2, 4.6.3, or 4.6.4 are impacted. Versions before 4.6.0 or 4.6.5 and later are not affected.

Risk and Exploitability

The CVSS score of 5.5 indicates a moderate impact. The EPSS score of less than 1% indicates a very low but nonzero probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is the processing of malicious RTSP traffic; an attacker could craft a packet that Wireshark processes during a capture, causing the application to crash. Although no remote execution is possible, repeated crashes could deny service to users or interrupt critical monitoring workflows.

Generated by OpenCVE AI on May 4, 2026 at 13:24 UTC.

Remediation

Vendor Solution

Upgrade to version 4.6.5 or above

OpenCVE Recommended Actions

  • Upgrade Wireshark to version 4.6.5 or later as the official CNA solution
  • If an upgrade cannot be applied immediately, block or filter RTSP traffic in the capture environment to prevent malicious packets from being processed
  • If possible, disable the RTSP dissector in Wireshark configuration to avoid the crash until a patch is applied

Generated by OpenCVE AI on May 4, 2026 at 13:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 04 May 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-617
References
Metrics threat_severity

None

 threat_severity

Moderate

Fri, 01 May 2026 19:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*

Thu, 30 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 30 Apr 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Wireshark
Wireshark wireshark
Vendors & Products Wireshark
Wireshark wireshark

Thu, 30 Apr 2026 06:30:00 +0000

Type Values Removed Values Added
Description RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4
Title NULL Pointer Dereference in Wireshark
Weaknesses CWE-476
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

Subscriptions

Wireshark Wireshark
cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-04-30T15:19:46.683Z

Reserved: 2026-04-17T15:05:42.686Z

Link: CVE-2026-6526

cve-icon Vulnrichment

Updated: 2026-04-30T15:02:44.052Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-30T07:16:39.770

Modified: 2026-05-01T19:29:03.427

Link: CVE-2026-6526

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-04-30T05:34:29Z

Links: CVE-2026-6526 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-04T13:30:45Z

Weaknesses