CVE-2026-5407

MEDIUM

Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

Title source: cna
STIX 2.1

Description

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

References (2)

Scores

CVSS v3 5.5
EPSS 0.0001
EPSS Percentile 1.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-835
Status published
Products (2)
Wireshark Foundation/Wireshark 4.4.0 - 4.4.15
Wireshark Foundation/Wireshark 4.6.0 - 4.6.5
Published Apr 30, 2026
Tracked Since Apr 30, 2026