SharkFest US 2026 is coming to Nashville, Tennessee! Learn more and register.

wnpa-sec-2026-26 · Dissection engine zlib decompression crash

Summary

Name: Dissection engine zlib decompression crash

Docid: wnpa-sec-2026-26

Date: April 29, 2026

Affected versions: 4.6.0 to 4.6.4, 4.4.0 to 4.4.14

Fixed versions: 4.6.5, 4.4.15

References:

Wireshark issue 21097.
Wireshark issue 21098.
CVE-2026-6535.

Details

Description

The zlib decompressor in Wireshark's dissection engine could crash.

Impact

WCA Logo

Find out more about the new WCA certification