Vulnerabilities
Vulnerable Software
Security Vulnerabilities
Catapult DCT2000 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
CVSS Score
5.5
EPSS Score
0.001
Published
2026-07-08
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260326.0, an authorization bypass vulnerability in OpenCTI allows any authenticated user with KNOWLEDGE_KNUPDATE permission to bypass Confidence Level validation and Object Marking restrictions by injecting the synchronized-upsert: true HTTP header, enabling attackers to downgrade confidence levels, remove security markings such as TLP:RED, manipulate relationships, and affect STIX object types including Indicators, ThreatActors, Malware, and Reports. This issue is fixed in version 7.260326.0.
CVSS Score
7.1
EPSS Score
0.003
Published
2026-07-08
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260401.0, the OpenCTI GraphQL API exposes a script filter operator in its FilterOperator enum that allows any authenticated user with the KNOWLEDGE capability to pass user-supplied Elasticsearch Painless script values directly into search queries without validation or sanitization, allowing computationally expensive scripts to consume cluster CPU resources and degrade or deny service for all users. This issue is fixed in version 7.260401.0.
CVSS Score
6.5
EPSS Score
0.004
Published
2026-07-08
Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service
CVSS Score
5.5
EPSS Score
0.002
Published
2026-07-08
Crash in ciscodump 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
CVSS Score
5.5
EPSS Score
0.001
Published
2026-07-08
TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service
CVSS Score
5.5
EPSS Score
0.001
Published
2026-07-08
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
CVSS Score
5.5
EPSS Score
0.001
Published
2026-07-08
DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
CVSS Score
7.5
EPSS Score
0.002
Published
2026-07-08
UMTS FP protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
CVSS Score
5.5
EPSS Score
0.002
Published
2026-07-08
Z39.50 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
CVSS Score
5.5
EPSS Score
0.001
Published
2026-07-08


Contact Us

Shodan ® - All rights reserved