Back to overview

CVE-2026-15168

LOW
2.5
CVSS 3.1
Description
BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure

Metadata

CVE ID
CVE-2026-15168
State
PUBLISHED
Assigner
GitLab
Reserved
2026-07-08 20:45 UTC
Published
2026-07-08 21:47 UTC
Last updated
2026-07-08 21:47 UTC
Primary CWE
CWE-457
CWE-457: Use of Uninitialized Variable
Vendor / Product
Wireshark Foundation / Wireshark
Sources
cve.org  ·  NVD

Severity & Metrics

2.5 LOW CVSS 3.1
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected products (1)
VendorProductPlatformVersions
Wireshark Foundation Wireshark 4.6.0 < 4.6.7, 4.4.0 < 4.4.17
Weakness (CWE)
CWESourceDescription
CWE-457 cna CWE-457: Use of Uninitialized Variable
CVSS scores (1)
ScoreSeverityVersionSourceVector
2.5 LOW 3.1 cna CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Back to overview