CVE-2025-11626 MEDIUM

CVE-2025-11626: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

Vendor Wireshark Foundation

Product Wireshark

Weakness CWE-835

Published October 10, 2025

Last update March 27, 2026

CVSS base score

5.5/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service

Key dates

October 10, 2025 CVE published

March 27, 2026 Record updated

External resources

Related vulnerabilities

CVE CVE-2025-11626

CWE CWE-835

CVSS 5.5 / MEDIUM

Vendor Wireshark Foundation

Product Wireshark

Affected ≥ 4.4.0 and < 4.4.10

Vendor Wireshark Foundation

Product Wireshark

Affected ≥ 4.2.0 and < 4.2.14