Cyber Resilience

CVE-2026-6526

MediumPublic PoC

Published: 30 April 2026

Published
30 April 2026
Modified
01 May 2026
KEV Added
Patch
CVSS Score v3.1 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score 0.0012 2.5th percentile
Risk Priority 35 floored blend · peak EPSS

Summary

CVE-2026-6526 is a medium-severity NULL Pointer Dereference (CWE-476) vulnerability in Wireshark Wireshark. Its CVSS base score is 5.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Disable or Modify Tools (T1685); ranked at the 2.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1685 Disable or Modify Tools Defense Impairment
Adversaries may disable, degrade, or tamper with security tools or applications (e.
Why these techniques?

NULL pointer dereference crash in Wireshark RTSP dissector directly enables DoS against the analysis tool, mapping to impairing defenses via tool modification/disablement.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

Affected Assets

wireshark
wireshark
4.6.0 — 4.6.4

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References