CVE Vulnerabilities

CVE-2026-15168

Use of Uninitialized Variable

Published: Jul 08, 2026 | Modified: Jul 09, 2026
CVSS 3.x
3.3
LOW
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
2.5 LOW
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure

Weakness

The code uses a variable that has not been initialized, leading to unpredictable or unintended results.

Affected Software

NameVendorStart VersionEnd Version
WiresharkWireshark4.4.0 (including)4.4.17 (excluding)
WiresharkWireshark4.6.0 (including)4.6.7 (excluding)
WiresharkUbuntuquesting*

Potential Mitigations

References