{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0961", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2026-01-14T20:14:06.637Z", "datePublished": "2026-01-14T20:23:48.832Z", "dateUpdated": "2026-01-14T21:08:38.074Z"}, "containers": {"cna": {"title": "Out-of-bounds Write in Wireshark", "descriptions": [{"lang": "en", "value": "BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service"}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"version": "4.6.0", "status": "affected", "lessThan": "4.6.3", "versionType": "semver"}, {"version": "4.4.0", "status": "affected", "lessThan": "4.4.13", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-787: Out-of-bounds Write", "cweId": "CWE-787", "type": "CWE"}]}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2026-01.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/20880", "name": "GitLab Issue #20880", "tags": ["issue-tracking", "permissions-required"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM"}}], "solutions": [{"lang": "en", "value": "Upgrade to version 4.6.3 or above"}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2026-01-14T20:23:48.832Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-14T21:08:01.416044Z", "id": "CVE-2026-0961", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-14T21:08:38.074Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-0961", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-14T21:08:01.416044Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-14T21:08:28.655Z"}}], "cna": {"title": "Out-of-bounds Write in Wireshark", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"status": "affected", "version": "4.6.0", "lessThan": "4.6.3", "versionType": "semver"}, {"status": "affected", "version": "4.4.0", "lessThan": "4.4.13", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to version 4.6.3 or above"}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2026-01.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/20880", "name": "GitLab Issue #20880", "tags": ["issue-tracking", "permissions-required"]}], "descriptions": [{"lang": "en", "value": "BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2026-01-14T20:23:48.832Z"}}}, "cveMetadata": {"cveId": "CVE-2026-0961", "state": "PUBLISHED", "dateUpdated": "2026-01-14T21:08:38.074Z", "dateReserved": "2026-01-14T20:14:06.637Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2026-01-14T20:23:48.832Z", "assignerShortName": "GitLab"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service"}], "id": "CVE-2026-0961", "lastModified": "2026-01-14T21:15:53.063", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-01-14T21:15:53.063", "references": [{"source": "[email protected]", "url": "https://gitlab.com/wireshark/wireshark/-/issues/20880"}, {"source": "[email protected]", "url": "https://www.wireshark.org/security/wnpa-sec-2026-01.html"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "Wireshark: Wireshark: Denial of Service vulnerability in BLF file parser", "id": "2429763", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429763"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-787", "details": ["A flaw was found in Wireshark. This vulnerability allows an attacker to trigger a crash in the BLF file parser by providing a specially crafted file. Successful exploitation leads to a denial of service (DoS), making the application unavailable to legitimate users."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, users should avoid opening or processing untrusted BLF (Binary Logging Format) files with Wireshark. Exercise caution when handling BLF files from unknown or unverified sources to prevent potential denial of service attacks."}, "name": "CVE-2026-0961", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-01-14T20:23:48Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-0961\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-0961\nhttps://gitlab.com/wireshark/wireshark/-/issues/20880\nhttps://www.wireshark.org/security/wnpa-sec-2026-01.html"], "statement": "This vulnerability is rated Moderate for Red Hat. An out-of-bounds write flaw in the Wireshark BLF file parser can lead to a denial of service. This issue requires user interaction, as an attacker would need to trick a user into opening a specially crafted BLF file.", "threat_severity": "Moderate"}

{"created": "2026-01-15T08:03:15.159278+00:00", "updated": "2026-01-15T08:03:15.159305+00:00", "vendors": ["wireshark", "wireshark$PRODUCT$wireshark"]}