CVE-2026-15163
Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service
CVSS
5.5
Medium
EPSS
0.2%
p8
KEV
—
Exploit Today
3
0-100
Published: Jul 8, 2026 · Last modified: Jul 9, 2026 · CWE-835
0.1%EPSS · 30 days0.2%
2026-07-092026-07-17
Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service
- gitlab.comhttps://gitlab.com/wireshark/wireshark/-/work_items/21275
- gitlab.comhttps://gitlab.com/wireshark/wireshark/-/work_items/21277
- gitlab.comhttps://gitlab.com/wireshark/wireshark/-/work_items/21330
- gitlab.comhttps://gitlab.com/wireshark/wireshark/-/work_items/21383
- www.wireshark.orghttps://www.wireshark.org/security/wnpa-sec-2026-61.html
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-48907.5 HIG93.6%
——28A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.3dCVE-2026-428997.5 HIG82.4%
——25Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.3dCVE-2026-331167.5 HIG80.0%
——24Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.3dCVE-2026-465227.5 HIG76.7%
——23ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the issue.3dCVE-2023-301887.5 HIG73.3%
——22Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file.9dCVE-2022-233527.5 HIG72.6%
——22An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).9d