Wireshark 4.6.7 patches twelve security vulnerabilities in protocol dissectors
Wireshark 4.6.7 is a maintenance release that patches twelve security vulnerabilities, primarily crash-inducing flaws in protocol dissectors. The bugs range from cellular signaling parsers to capture file reading code, with most involving out-of-bounds reads or bad memory access triggered by crafted packets or capture files. The release also fixes a use-after-free vulnerability and adds a Visual Studio 2026 Windows build.
Key quotes
Network analysts who open packet captures in Wireshark push untrusted data through a large set of protocol dissectors, and each parser is a spot where a malformed frame can trip up the software.
The 4.6.7 maintenance release closes twelve of those weak points.
A crafted packet or capture file could push a dissector into reading past its buffer or touching bad memory, ending the session.
You might also wanna read

WAF - WAF Release - 2025-08-18
Cloudflare·10mo ago

WAF - WAF Release - 2025-07-21
Cloudflare·11mo ago

WAF - WAF Release - 2025-06-09
Cloudflare·1y ago

WAF - WAF Release - 2025-10-24 - Emergency
Cloudflare·8mo ago
Analysis of 7-Zip vulnerabilities: CVE-2025-11001 and CVE-2025-11002
ThreatLocker·13d ago

WAF - WAF Release - 2025-05-27
Cloudflare·1y ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.