CVE-2026-5408

MEDIUM EPSS 4.0%
Published Apr 30, 20262mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 30, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago

Description

BT-DHT protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-674

Affected Products 2

VendorProductVersionRange
wiresharkwireshark*≥4.4.0  –  ≤4.4.14
wiresharkwireshark*≥4.6.0  –  ≤4.6.4

References 3

  • gitlab.com https://gitlab.com/wireshark/wireshark/-/issues/21067
    ExploitIssue TrackingThird Party Advisory
  • gitlab.com https://gitlab.com/wireshark/wireshark/-/work_items/21067
    ExploitIssue TrackingThird Party Advisory
  • wireshark.org https://www.wireshark.org/security/wnpa-sec-2026-09.html
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.