CVE-2026-5656 – Wireshark
“Packet analysis tools become attack surfaces when parsing goes wrong.”
The Wireshark patch resolves a broad set of vulnerabilities affecting packet dissection and file parsing components. The most serious issue, CVE-2026-5402, carries a CVSS score of 8.8, which is High severity, followed by multiple additional high-severity flaws including CVE-2026-5403 (7.8), CVE-2026-5405 (7.8), and CVE-2026-5656 (7.0). These issues can allow attackers to trigger crashes or potentially execute code through crafted network traffic or malicious capture files, directly impacting analysts and systems processing untrusted data.
CVE-2026-5402 has a CVSS score of 8.8, which is High severity. CVE-2026-5403 has a CVSS score of 7.8, which is High severity. CVE-2026-5405 has a CVSS score of 7.8, which is High severity. CVE-2026-5656 has a CVSS score of 7.0, which is High severity. A large number of medium-severity vulnerabilities, generally scored at 5.5, expand the attack surface and increase reliability of exploitation chains. Proof-of-concept code is confirmed for several vulnerabilities, including CVE-2026-5405 and multiple medium-severity issues, demonstrating practical exploitation risk when handling untrusted traffic captures.
Key Details
- Affected Product
- Wireshark Wireshark
- Attack Vector
- Local
- Attack Complexity
- High
- Privileges Required
- None
- User Interaction
- Required
- CWE Classification
- CWE-22