CVE-2025-5601

HIGH

Wireshark < 4.2.12 - Out-of-Bounds Write

Title source: rule

Description

Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file

References (2)

Scores

CVSS v3 7.8
EPSS 0.0005
EPSS Percentile 14.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-120 CWE-787
Status published

Affected Products (1)

wireshark/wireshark < 4.2.12

Timeline

Published Jun 04, 2025
Tracked Since Feb 18, 2026