CVE-2026-7375
Published: 30 April 2026
Summary
CVE-2026-7375 is a medium-severity Infinite Loop (CWE-835) vulnerability in Wireshark. Its CVSS base score is 5.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002). The CVE ranks at the 5.7th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Flaw remediation directly addresses CVE-2026-7375 by patching the infinite loop in Wireshark's UDS protocol dissector across affected versions.
Vulnerability monitoring and scanning identifies systems running vulnerable Wireshark versions 4.4.0-4.4.14 or 4.6.0-4.6.4 prone to DoS from malicious pcap files.
Security alerts and advisories like WNPA-SEC-2026-50 enable organizations to detect and respond to the Wireshark UDS dissector vulnerability promptly.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Vulnerability triggered by opening malicious packet capture file (T1204.002); infinite loop causes application hang/crash enabling DoS via exploitation (T1499.004).
NVD Description
UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Deeper analysis
CVE-2026-7375 affects the UDS protocol dissector in Wireshark versions 4.6.0 through 4.6.4 and 4.4.0 through 4.4.14. The vulnerability triggers an infinite loop during packet dissection, enabling a denial of service condition. It is classified under CWE-835 (Infinite Loop) with a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) and was published on 2026-04-30T06:16:16.927.
Exploitation requires local access with low attack complexity and no privileges, but depends on user interaction such as opening a malicious packet capture file in Wireshark. A local attacker can provide such a file, causing the affected Wireshark instance to enter an infinite loop, resulting in high-impact denial of service through application crash or hang, with no impact on confidentiality or integrity.
Mitigation details are provided in Wireshark's security advisory WNPA-SEC-2026-50 at https://www.wireshark.org/security/wnpa-sec-2026-50.html and the related GitLab work item at https://gitlab.com/wireshark/wireshark/-/work_items/21225.
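For the RA-5 scanning step, one way to triage an inventory of Wireshark version strings against the affected ranges stated above. This is an added example, not code from Wireshark or the advisory; the hostnames and version strings are constructed, and `classify` and `triage` are hypothetical helper names. Builds outside the listed ranges are reported as "not-listed" rather than "fixed", because this page does not name the fixed releases.

```python
import re

# Affected ranges as stated on this page (inclusive patch levels per branch).
AFFECTED = {(4, 4): (0, 14), (4, 6): (0, 4)}

# Finds the first x.y.z in a `tshark --version` banner or a package version,
# plus an optional release-candidate suffix such as "rc1".
VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)(?:[-~]?(rc\d+))?", re.I)

def parse_version(text):
    """Return (major, minor, patch, prerelease_or_None), or None if unparsable."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    return int(m[1]), int(m[2]), int(m[3]), m[4]

def classify(text):
    """Return 'affected', 'not-listed' or 'unknown' for one version string."""
    parsed = parse_version(text)
    if parsed is None:
        return "unknown"
    major, minor, patch, prerelease = parsed
    bounds = AFFECTED.get((major, minor))
    if bounds is None:
        return "not-listed"
    if prerelease is not None:
        # The page's ranges cover releases only; leave pre-releases for manual review.
        return "unknown"
    low, high = bounds
    return "affected" if low <= patch <= high else "not-listed"

def triage(inventory):
    """Group hosts by status. inventory: iterable of (host, version_text)."""
    result = {"affected": [], "not-listed": [], "unknown": []}
    for host, version_text in inventory:
        result[classify(version_text)].append(host)
    return {status: sorted(hosts) for status, hosts in result.items()}

# Constructed sample inventory (hostnames and build strings are made up).
SAMPLE_INVENTORY = [
    ("analyst-01", "TShark (Wireshark) 4.6.3 (v4.6.3-0-g0123456789ab)."),
    ("analyst-02", "4.4.14-1ubuntu1"),
    ("soc-jump", "Wireshark 4.4.15"),
    ("lab-old", "TShark (Wireshark) 4.2.9"),
    ("lab-rc", "4.6.0rc1"),
    ("kiosk", "wireshark (version not reported)"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```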