SharkFest US 2026 is coming to Nashville, Tennessee! Learn more and register.

wnpa-sec-2026-21 · Profile import crash and possible code execution

Summary

Name: Profile import crash and possible code execution

Docid: wnpa-sec-2026-21

Date: April 29, 2026

Affected versions: 4.6.0 to 4.6.4, 4.4.0 to 4.4.14

Fixed versions: 4.6.5, 4.4.15

References:

Wireshark issue 21115.
CVE-2026-5656.

Details

Description

Importing a crafted configuration profile could crash Wireshark or execute arbitrary code.

Impact

Discovered by Joohyun Park, Hyuk Kwon, Yonghwa Lee, Taisic Yun, Sangjun Song (Theori), with Xint. We are unaware of any exploits for this issue. It may be possible to make Wireshark crash or execute arbitrary code by convincing someone to import a malformed configuration profile.

Resolution

Upgrade to Wireshark 4.6.5, 4.4.15 or later.