Security Vulnerabilities
iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
CVSS Score
5.5
EPSS Score
0.0
Published
2026-04-30
The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the lease is passed to dhclient-script(8), which evaluates it.
A rogue DHCP server may be able to execute arbirary code as root on a system running dhclient.
CVSS Score
8.1
EPSS Score
0.0
Published
2026-04-30
ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
CVSS Score
5.5
EPSS Score
0.0
Published
2026-04-30
AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
CVSS Score
5.5
EPSS Score
0.0
Published
2026-04-30
TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution
CVSS Score
8.8
EPSS Score
0.0
Published
2026-04-30
FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
CVSS Score
5.5
EPSS Score
0.0
Published
2026-04-30
Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
CVSS Score
5.5
EPSS Score
0.0
Published
2026-04-30
Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
CVSS Score
5.5
EPSS Score
0.0
Published
2026-04-30
Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
CVSS Score
5.5
EPSS Score
0.0
Published
2026-04-30
HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
CVSS Score
5.5
EPSS Score
0.0
Published
2026-04-30