CVE-2026-15174

MEDIUM

Heap-based Buffer Overflow in Wireshark

Title source: cna
STIX 2.1

Description

Catapult DCT2000 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service

Scores

CVSS v3 5.5
EPSS 0.0009
EPSS Percentile 0.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-122
Status published
Products (3)
wireshark/wireshark 4.4.0 - 4.4.17
Wireshark Foundation/Wireshark 4.4.0 - 4.4.17
Wireshark Foundation/Wireshark 4.6.0 - 4.6.7
Published Jul 08, 2026
Tracked Since Jul 09, 2026