CVE-2026-5405
EUVD-2026-2646201.05.2026, 00:16
RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code executionEnginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| wireshark | wireshark | 4.4.0 ≤ 𝑥 < 4.4.15 |
| wireshark | wireshark | 4.6.0 ≤ 𝑥 < 4.6.5 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| libwireshark15 |
| ||||||||
| libwiretap12 |
| ||||||||
| libwsutil13 |
| ||||||||
| wireshark |
| ||||||||
| wireshark-devel |
| ||||||||
| wireshark-ui-qt |
|
Amazon Linux Releases
Common Weakness Enumeration
- CWE-122 - Heap-based Buffer OverflowA heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.