What the vulnerability does
01Description
HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service
CVE-2026-0960
MEDIUM
CVE-2026-0960: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
CVSS base score
4.7/10
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Key dates
02Disclosure timeline
January 14, 2026
CVE published
March 27, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2021-20270
CVE-2021-29482 denial of service in github.com/ulikunitz/xz
CVE-2024-10907 Denial of Service (DoS) via Multipart Boundary in lm-sys/fastchat
CVE-2024-32650 Rustls vulnerable to an infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper client input
CVE-2025-64438 Fast-DDS: Unbounded GAP range triggers OOM DoS under RELIABLE QoS
