PT-2026-36048 · Wireshark · Wireshark

Duc Anh Nguyen

Published

2026-04-29

Updated

2026-06-01

CVE-2026-5402

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4

Description A heap overflow exists in the TLS protocol dissector. A remote attacker can exploit this issue by sending malformed packets or malicious capture files, potentially leading to a denial of service or the execution of arbitrary code. In real-world scenarios, attackers may use this to achieve code execution and subsequently pivot laterally across network infrastructure.

Recommendations Update to version 4.6.5.

Exploit

Fix

DoS

RCE

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122

Related Identifiers

BDU:2026-06164

CVE-2026-5402

OPENSUSE-SU-2026:10686-1

Affected Products

Wireshark

PT-2026-36048 · Wireshark · Wireshark

CVE-2026-5402

Weakness Enumeration

Related Identifiers

Affected Products

References · 61