High severity7.8NVD Advisory· Published May 1, 2026· Updated May 4, 2026
CVE-2026-5405
CVE-2026-5405
Description
RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- gitlab.com/wireshark/wireshark/-/issues/21105nvdExploitIssue TrackingThird Party Advisory
- www.wireshark.org/security/wnpa-sec-2026-17.htmlnvdVendor Advisory
News mentions
3- CloudZ RAT potentially steals OTP messages using Pheno pluginCisco Talos Intelligence · May 5, 2026
- Wireshark 4.6.5 Released, (Sun, May 3rd)SANS Internet Storm Center · May 3, 2026
- Malicious Ad for Homebrew Leads to MacSync Stealer, (Fri, May 1st)SANS Internet Storm Center · May 1, 2026