High severity7.0NVD Advisory· Published May 1, 2026· Updated May 1, 2026
CVE-2026-5656
CVE-2026-5656
Description
Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- gitlab.com/wireshark/wireshark/-/issues/21115nvdExploitIssue TrackingThird Party Advisory
- www.wireshark.org/security/wnpa-sec-2026-21.htmlnvdVendor Advisory
News mentions
3- CloudZ RAT potentially steals OTP messages using Pheno pluginCisco Talos Intelligence · May 5, 2026
- Wireshark 4.6.5 Released, (Sun, May 3rd)SANS Internet Storm Center · May 3, 2026
- Malicious Ad for Homebrew Leads to MacSync Stealer, (Fri, May 1st)SANS Internet Storm Center · May 1, 2026