3.3
CVE-2026-15168
- EPSS 0.1%
- Veröffentlicht 08.07.2026 21:47:19
- Zuletzt bearbeitet 09.07.2026 19:20:39
- Quelle cve@gitlab.com
- CVE-Watchlists
- Unerledigt
Use of Uninitialized Variable in Wireshark
BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.012 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
|
| cve@gitlab.com | 2.5 | 1 | 1.4 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
|
CWE-457 Use of Uninitialized Variable
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
https://www.wireshark.org/security/wnpa-sec-2026-60.html
https://gitlab.com/wireshark/wireshark/-/work_items/21361