PT-2026-2953 · Wireshark Foundation+1 · Wireshark+1

Tom Needham

·

Published

2026-01-14

·

Updated

2026-04-02

·

CVE-2026-0960

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.2
Description An infinite loop in the HTTP3 protocol dissector can lead to a denial of service.
Recommendations Update to a newer version that contains a fix for this vulnerability.

Exploit

Fix

DoS

Infinite Loop

Weakness Enumeration

CWE-835

Related Identifiers

AZL-74994
BDU:2026-03611
CVE-2026-0960
OESA-2026-1545
OESA-2026-1547
OESA-2026-1548
OESA-2026-1549
OESA-2026-1550
OPENSUSE-SU-2026:10056-1
SUSE-SU-2026:0237-1
SUSE-SU-2026:1169-1

Affected Products

Red Os
Wireshark