CVE-2025-11626

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-11626
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11626.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-11626
Downstream
Related
Published
2025-10-10T22:33:26.431Z
Modified
2026-02-22T08:01:42.708353Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
Details

MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service

Database specific 
{
    "cna_assigner": "GitLab",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/11xxx/CVE-2025-11626.json",
    "cwe_ids": [
        "CWE-835"
    ]
}
References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://github.com/wireshark/wireshark
Events
Introduced
009a163470b581c7d3ee66d89c819cef1f9e50fe
Fixed
f44ead52fe6599e4b2bb6e10e492795e640096de
Introduced
54eedfc63953c8180b5a9c60015917cce7a2548a
Fixed
9d81a981d05cd0d2e764871c5b4b7fcdb694182f

Affected versions

v4.*
v4.2.0
v4.2.1
v4.2.10
v4.2.10rc0
v4.2.11
v4.2.11rc0
v4.2.12
v4.2.12rc0
v4.2.13
v4.2.13rc0
v4.2.14rc0
v4.2.1rc0
v4.2.2
v4.2.2rc0
v4.2.3
v4.2.3rc0
v4.2.4
v4.2.4rc0
v4.2.5
v4.2.5rc0
v4.2.6
v4.2.6rc0
v4.2.7
v4.2.7rc0
v4.2.8
v4.2.8rc0
v4.2.9
v4.2.9rc0
v4.4.0
v4.4.1
v4.4.10rc0
v4.4.1rc0
v4.4.2
v4.4.2rc0
v4.4.3
v4.4.3rc0
v4.4.4
v4.4.4rc0
v4.4.5
v4.4.5rc0
v4.4.6
v4.4.6rc0
v4.4.7
v4.4.7rc0
v4.4.8
v4.4.8rc0
v4.4.9
v4.4.9rc0
v4.6.7rc0
wireshark-4.*
wireshark-4.2.0
wireshark-4.2.1
wireshark-4.2.10
wireshark-4.2.11
wireshark-4.2.12
wireshark-4.2.13
wireshark-4.2.2
wireshark-4.2.3
wireshark-4.2.4
wireshark-4.2.5
wireshark-4.2.6
wireshark-4.2.7
wireshark-4.2.8
wireshark-4.2.9
wireshark-4.4.0
wireshark-4.4.1
wireshark-4.4.2
wireshark-4.4.3
wireshark-4.4.4
wireshark-4.4.5
wireshark-4.4.6
wireshark-4.4.7
wireshark-4.4.8
wireshark-4.4.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11626.json"

Git / gitlab.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://gitlab.com/wireshark/wireshark
Events
Introduced
009a163470b581c7d3ee66d89c819cef1f9e50fe
Fixed
f44ead52fe6599e4b2bb6e10e492795e640096de
Database specific 
{
    "versions": [
        {
            "introduced": "4.4.0"
        },
        {
            "fixed": "4.4.10"
        }
    ]
}
Type
GIT
Repo
https://gitlab.com/wireshark/wireshark
Events
Introduced
54eedfc63953c8180b5a9c60015917cce7a2548a
Fixed
9d81a981d05cd0d2e764871c5b4b7fcdb694182f
Database specific 
{
    "versions": [
        {
            "introduced": "4.2.0"
        },
        {
            "fixed": "4.2.14"
        }
    ]
}

Affected versions

v4.*
v4.2.0
v4.2.1
v4.2.10
v4.2.10rc0
v4.2.11
v4.2.11rc0
v4.2.12
v4.2.12rc0
v4.2.13
v4.2.13rc0
v4.2.14rc0
v4.2.1rc0
v4.2.2
v4.2.2rc0
v4.2.3
v4.2.3rc0
v4.2.4
v4.2.4rc0
v4.2.5
v4.2.5rc0
v4.2.6
v4.2.6rc0
v4.2.7
v4.2.7rc0
v4.2.8
v4.2.8rc0
v4.2.9
v4.2.9rc0
v4.4.0
v4.4.1
v4.4.10rc0
v4.4.1rc0
v4.4.2
v4.4.2rc0
v4.4.3
v4.4.3rc0
v4.4.4
v4.4.4rc0
v4.4.5
v4.4.5rc0
v4.4.6
v4.4.6rc0
v4.4.7
v4.4.7rc0
v4.4.8
v4.4.8rc0
v4.4.9
v4.4.9rc0
wireshark-4.*
wireshark-4.2.0
wireshark-4.2.1
wireshark-4.2.10
wireshark-4.2.11
wireshark-4.2.12
wireshark-4.2.13
wireshark-4.2.2
wireshark-4.2.3
wireshark-4.2.4
wireshark-4.2.5
wireshark-4.2.6
wireshark-4.2.7
wireshark-4.2.8
wireshark-4.2.9
wireshark-4.4.0
wireshark-4.4.1
wireshark-4.4.2
wireshark-4.4.3
wireshark-4.4.4
wireshark-4.4.5
wireshark-4.4.6
wireshark-4.4.7
wireshark-4.4.8
wireshark-4.4.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11626.json"