Wireshark 4.6.5 Patches 50 Flaws, Four Allow Code Execution

Wireshark 4.6.5, pushed out in late April 2026, patches more than 40 CVEs across 50 security advisories, including four flaws that can let an attacker run code on the very box analysts use to inspect traffic. The TLS, SBC, RDP, and Profile Import components all carry crash-plus-code-execution risk, with the TLS heap overflow rated CVSS 8.8 by NIST. Network teams running 4.6.0 through 4.6.4, or any 4.4.x build before 4.4.15, are exposed today.

The patch set is one of the largest the project has shipped in a single release. The official Wireshark 4.6.5 release notes attribute the unusual volume to a sudden wave of AI-assisted vulnerability reports landing in the project’s bug tracker.

For a tool that often runs with elevated privileges next to live, hostile traffic, the math is brutal. A single crafted packet on the same network segment, with no credentials and no prior foothold, can crash the analyzer or, in the worst four cases, hand an attacker code execution as the analyst.

Fifty Advisories in One Drop, by the Numbers

The 4.6.5 cycle compresses what would normally be a quarter of disclosures into a single release. The Wireshark Security Advisories index now lists wnpa-sec-2026-08 through wnpa-sec-2026-50 inside this cluster, with fixes back-ported to the long-term 4.4 branch as 4.4.15.

  • 50 advisories. wnpa-sec-2026-08 through wnpa-sec-2026-50, all closed in 4.6.5 and 4.4.15.
  • 4 RCE-class flaws. Crash with possible code execution in TLS, SBC, RDP, and Profile Import.
  • CVSS 8.8. The score assigned to CVE-2026-5402 in the NVD entry for the TLS heap overflow.
  • 90+ protocols. Updated dissectors shipped alongside the security fixes.

The release also bundles Npcap 1.87 and Qt 6.10.3 on Windows, which means the security update doubles as a platform refresh that some shops will need to test before pushing to analyst workstations.

The Four Bugs That Could Run Code on Your Box

Code execution in a packet analyzer is not theoretical. The exploitation pattern is straightforward: send a crafted packet across a span port, drop a poisoned PCAP in a shared analyst folder, or trick a colleague into importing a profile, and the parser does the rest. CVE-2026-5402, the TLS heap overflow, requires user interaction but no authentication and no special privileges, per the GitLab CNA scoring on NVD.

Component        | CVE            | Advisory          | Trigger
TLS Dissector    | CVE-2026-5402  | wnpa-sec-2026-14  | Malformed TLS packet, heap overflow
SBC Audio Codec  | CVE-2026-5403  | wnpa-sec-2026-16  | Malformed SBC payload
RDP Dissector    | CVE-2026-5405  | wnpa-sec-2026-17  | Crafted Remote Desktop traffic
Profile Import   | CVE-2026-5656  | wnpa-sec-2026-21  | Malicious analyst profile bundle

Why a Sniffer Bug Bites Harder Than Most

Wireshark sits in an uncomfortable spot. It runs on the analyst’s laptop, often with capture privileges, and it eats whatever bytes the wire delivers. Defenders point it at the worst traffic on the network on purpose. That is the job.

The attack surface here is the entire library of dissectors, not a single service. Wireshark ships parsers for hundreds of protocols, and each one is a potential entry point if it mishandles a malformed field.

The Profile Import flaw widens that picture further. Analysts swap profile bundles to share custom column layouts, coloring rules, and decode-as preferences, sometimes pulled from forum threads or vendor lab kits. CVE-2026-5656 turns that habit into a delivery channel.

And because incident responders frequently open attacker-supplied PCAPs as part of triage, the same protocol parsers that have to be lenient also have to be airtight. They are not.

The Dissector Pile-Up Hitting SOCs

The bulk of 4.6.5’s fixes are crash bugs in individual protocol dissectors. None of them, taken alone, will end a SOC’s day. Strung together across a shared capture pipeline, they will.

  • Core internet plumbing: HTTP (CVE-2026-6868), WebSocket (CVE-2026-6869), MySQL (CVE-2026-6524), RTSP (CVE-2026-6526), ICMPv6 (CVE-2026-5299).
  • Wireless and mobile: IEEE 802.11 (CVE-2026-6525), GSM RP (CVE-2026-6870), ZigBee (CVE-2026-6537), Kismet (CVE-2026-6532).
  • Storage and file sharing: AFP (CVE-2026-5401), SMB2 crash (wnpa-sec-2026-45).
  • Audio and media codecs: AMR-NB (CVE-2026-5654), iLBC (CVE-2026-5657, CVE-2026-6529), DCP-ETSI (CVE-2026-5653, CVE-2026-6530).
  • Niche but operationally loaded: Monero (CVE-2026-5409), BT-DHT (CVE-2026-5408), FC-SWILS (CVE-2026-5406), BEEP (CVE-2026-6538), ASN.1 PER (CVE-2026-6527), K12 RF5 file parser (CVE-2026-5404).

Loops That Quietly Kill Capture Pipelines

A second cluster of bugs avoids crashes and hangs the analyzer instead. The SMB2 dissector, addressed in wnpa-sec-2026-11 as CVE-2026-5407, can drop into an infinite loop when fed malformed traffic. Several others behave the same way: DLMS/COSEM (CVE-2026-6536), USB HID (CVE-2026-6534), SANE (CVE-2026-6531), GNW (CVE-2026-6523), OpenFlow v5 and v6 (CVE-2026-6521, CVE-2026-6520), MBIM (CVE-2026-6519), RPKI-Router (CVE-2026-6522), and a separate TLS path (CVE-2026-6528). UDS, in wnpa-sec-2026-50, joined the list at the back end of the cycle.

The operational damage here is different. A loop bug does not pop a window. It silently pegs CPU, freezes a tshark batch job, or stalls the dissection threads inside an automated workflow, and analysts only notice when alerts stop landing.

For shops that run Wireshark or tshark on capture nodes feeding a SIEM, a single attacker packet can park the parser indefinitely while the rest of the pipeline keeps insisting nothing is wrong.

Decompression Flaws That Cut Across Protocols

Two engine-level bugs sit underneath every protocol that uses compression. CVE-2026-6535 corrupts the zlib decompression path, and CVE-2026-6533 crashes on malformed LZ77 streams. Anything that wraps payloads in those formats, from HTTP/2 traffic to certain capture file formats, can hit them.

This release fixes quite a few vulnerabilities. This is due to a recent trend in AI-assisted vulnerability reports.

That line, lifted verbatim from the project’s 4.6.5 release notes, is the project’s own framing of what changed in this cycle, not a marketing message bolted on later.

The AI Fuzzing Wave Behind the Patch Set

Wireshark has been a high-value target for fuzzers for years. The community has shipped tooling like the Lekensteyn wireshark-fuzztools repository and ridden along with Google’s OSS-Fuzz integration. What changed in 2026 is who, and what, is filing the reports.

Independent reports filed against the project this year increasingly come from researchers running large language model agents over dissector source, generating mutated inputs, and triaging crashes with AI assistance. The volume scales in a way human-only researchers cannot match.

For maintainers, that is a double-edged sword. AI-driven submissions surface real defects that would otherwise sit latent for years. They also flood the issue tracker with reports that need human review, reproduction, and patch validation, on a project staffed largely by volunteers.

Gerald Combs, the analyzer’s original author, has spent two decades steering the dissector code base through exactly these waves of disclosure. The 4.6.5 cycle is the first where the dominant input shape is machine-generated rather than human-found.

The downstream effect on defenders is real. Patch cadence is now driven less by how fast attackers find bugs and more by how fast a small team can validate a steady stream of AI-flagged crash traces. Enterprise patch windows that assumed quarterly Wireshark updates need to compress.

What to Patch, in What Order

The fix is a version bump, not a configuration change. Operators should pull the patched build from the official Wireshark downloads page, validate against existing capture profiles, and roll it through SOC and forensic workstations first.

  1. Inventory. Map every host running Wireshark, tshark, dumpcap, sharkd, or the Logray variant, including capture appliances and analyst VMs.
  2. Upgrade. Move 4.6.x boxes to 4.6.5 and 4.4.x boxes to 4.4.15. Stable branches are receiving the same fixes.
  3. Re-import profiles. Treat any profile bundle received from outside the team as untrusted until Profile Import is patched, given CVE-2026-5656.
  4. Lock down capture context. On Linux, prefer the dumpcap-with-capabilities model over running the full Qt UI as root.
  5. Watch for stalls. In automated pipelines, monitor tshark and sharkd CPU and runtime to catch infinite-loop conditions early.
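One way to script steps 1, 4 and 5 of the checklist, as an added example that is not Wireshark project code: it pulls the version out of a tshark banner and classifies it against the 4.6.5 / 4.4.15 fix line from the advisories, checks a getcap line for the dumpcap capabilities model, and wraps a batch job in a stall watchdog. The sample banner and getcap line are constructed; the live commands to replace them with are named in the comments.

```shell
#!/bin/sh
# Added example, not code from the Wireshark project: three checks for the
# 4.6.5 / 4.4.15 cycle, written as functions over strings so they take either
# live command output or the constructed samples at the bottom.

# Pull "4.6.4" out of a "tshark --version" or "wireshark --version" banner.
version_from_banner() {
    printf '%s\n' "$1" | sed -n 's/.*(Wireshark) \([0-9][0-9.]*\).*/\1/p'
}

# Classify a version against the fixed releases named in the advisories:
# the 4.6 branch needs 4.6.5 or later, the 4.4 branch needs 4.4.15 or later.
wireshark_patch_status() {
    ver=$1
    major=${ver%%.*}; rest=${ver#*.}; minor=${rest%%.*}
    if [ "$rest" = "$minor" ]; then patch=0; else patch=${rest#*.}; fi
    patch=${patch%%[!0-9]*}          # drop "rc1", "-2" and similar suffixes
    case "$major.$minor" in
        4.6) [ "${patch:-0}" -ge 5 ]  && echo patched || echo vulnerable ;;
        4.4) [ "${patch:-0}" -ge 15 ] && echo patched || echo vulnerable ;;
        *)   echo unknown ;;         # other branches: consult the advisories
    esac
}

# Return 0 when a getcap(8) line shows dumpcap carrying cap_net_raw and
# cap_net_admin, i.e. the capabilities model rather than a root-run UI.
dumpcap_has_caps() {
    case "$1" in *cap_net_raw*) ;; *) return 1 ;; esac
    case "$1" in *cap_net_admin*) return 0 ;; *) return 1 ;; esac
}

# Run a batch job under a wall-clock limit and print "stalled" when it is
# killed, so a looping dissector is flagged instead of pegging a CPU forever.
run_with_stall_guard() {
    limit=$1; shift
    rc=0
    timeout "$limit" "$@" >/dev/null 2>&1 || rc=$?
    [ "$rc" -eq 124 ] && echo stalled || echo "exit=$rc"
}

# Constructed sample inputs. Live equivalents: tshark --version | head -n 1,
# getcap "$(command -v dumpcap)", and a real "tshark -r capture.pcap" job.
banner='TShark (Wireshark) 4.6.4 (Git v4.6.4 packaged as 4.6.4-1)'
wireshark_patch_status "$(version_from_banner "$banner")"    # vulnerable
dumpcap_has_caps '/usr/bin/dumpcap cap_net_admin,cap_net_raw=eip' && echo caps-ok
run_with_stall_guard 1 sleep 30                              # stalled
```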

Christopher Maynard, a longtime Wireshark contributor, has frequently reminded analysts on the project’s Q&A site that elevated-privilege capture is the easiest preventable mistake in the toolchain. The 4.6.5 disclosures put a price tag on ignoring that advice.

Frequently Asked Questions

Which Wireshark versions are vulnerable to CVE-2026-5402?

The TLS dissector heap overflow tracked as CVE-2026-5402 affects Wireshark 4.6.0 through 4.6.4, per the NVD record. The fix ships in 4.6.5 on the current branch and in 4.4.15 on the long-term support branch. Earlier 4.4.x builds are also exposed if they include the affected TLS dissector code path.

Can an attacker exploit Wireshark 4.6.5 bugs without being on the same network?

Most of the 50 advisories assume the attacker can put a crafted packet in front of the analyzer, which usually means same-segment access or a malicious capture file. The Profile Import bug, CVE-2026-5656, widens that to anyone who can hand an analyst a malicious profile bundle by email, chat, or shared drive.

Does updating to Wireshark 4.6.5 require reinstalling Npcap on Windows?

The Windows installer for 4.6.5 bundles Npcap 1.87 and Qt 6.10.3. Most users get the new Npcap automatically through the installer prompts. Shops that pin Npcap versions for compatibility with other capture tools should test the new build in a lab before rolling it to production analysts.

Are there any reports of these Wireshark vulnerabilities being exploited in the wild?

The Wireshark project says it is not aware of active exploitation of the 4.6.5 advisories as of the release date. That status can change quickly once proof-of-concept code circulates, especially for the TLS, RDP, and SBC code execution paths, which is why the project recommends patching immediately rather than waiting for the next maintenance window.

Should organizations stop running Wireshark with administrator or root privileges?

Yes. The recommended pattern on Linux and macOS is to grant capture capabilities to dumpcap and run the GUI or tshark as a normal user. On Windows, Npcap can be configured so that only members of a specific group can capture. That model limits the blast radius if a future dissector bug lands before a patch.

The 4.6.5 release is unlikely to be the last cluster of this size. With AI-assisted reporting now a steady source of crash traces against the dissector tree, defenders should plan for shorter Wireshark patch cycles and tighter capture-host hardening through the rest of 2026.