CVE-2026-0960

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-0960
HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service

4.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.0 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://gitlab.com/wireshark/wireshark/-/issues/20944 Exploit Issue Tracking Patch Vendor Advisory
https://www.wireshark.org/security/wnpa-sec-2026-04.html Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2026-01-14 21:15

Updated : 2026-01-21 20:07

NVD link : CVE-2026-0960

Mitre link : CVE-2026-0960

CVE.ORG link : CVE-2026-0960

JSON object : View

Products Affected

wireshark

  • wireshark
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')