Description
WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Published: 2026-04-30
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an improperly controlled sequential memory allocation in Wireshark’s WebSocket protocol dissector. Parsing crafted WebSocket frames can trigger a buffer mismanagement that causes the application to crash, resulting in denial of service. The weakness is classified as CWE-1325.

Affected Systems

Affected products are Wireshark from the Wireshark Foundation. Versions 4.6.0 through 4.6.4 and 4.4.0 through 4.4.14 are impacted. Users running these builds should be aware that any traffic containing malicious WebSocket packets could destabilize the network analyzer.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, while the EPSS score is not available, suggesting limited publicly observable exploitation risk. The vulnerability is not listed in the CISA KEV catalog. The most likely attack vector is a malicious WebSocket payload sent over a network that Wireshark is monitoring; the payload would cause the dissector to crash. Because no remote code execution or elevated privileges are involved, the risk is confined to denial of service affecting the analyst’s environment rather than compromising the host system.

Generated by OpenCVE AI on April 30, 2026 at 13:52 UTC.

Remediation

Vendor Solution

Upgrade to version 4.6.5 or above

OpenCVE Recommended Actions

  • Apply the official update to Wireshark 4.6.5 or later.
  • If an upgrade cannot be performed immediately, disable the WebSocket protocol dissector in Wireshark’s preferences to prevent processing of potentially malicious frames.
  • Restrict Wireshark’s exposure to untrusted traffic sources, and consider isolating the analyst workstation in a controlled network segment.

Generated by OpenCVE AI on April 30, 2026 at 13:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 01 May 2026 18:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*

Thu, 30 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 30 Apr 2026 08:00:00 +0000

Type Values Removed Values Added
First Time appeared Wireshark
Wireshark wireshark
Vendors & Products Wireshark
Wireshark wireshark

Thu, 30 Apr 2026 06:30:00 +0000

Type Values Removed Values Added
Description WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Title Improperly Controlled Sequential Memory Allocation in Wireshark
Weaknesses CWE-1325
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

Subscriptions

Wireshark Wireshark
cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-04-30T12:47:07.534Z

Reserved: 2026-04-22T16:29:28.863Z

Link: CVE-2026-6869

cve-icon Vulnrichment

Updated: 2026-04-30T12:26:08.830Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-30T07:16:41.470

Modified: 2026-05-01T18:15:10.147

Link: CVE-2026-6869

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-30T14:00:22Z

Weaknesses