CVE-2026-3203 — Vulnetix

CVE-2026-3203 PUBLISHED CVSS 5.5 MEDIUM

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

EPSS 0.03% · 8.0th percentile

Risk Scores

CVSS 3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS Score

0.03%

8.0th percentile

Affected Products

Vendor	Product	Versions
Wireshark Foundation	Wireshark	4.4.0, 4.6.0, 4.6.0
wireshark	wireshark	4.6.0, 4.6.0, 4.4.0

Exploit Intelligence

https://www.wireshark.org/security/wnpa-sec-2026-05.html (circl)
GitLab Issue #20972 (circl)
CIRCL seen: CVE-2026-3201 (circl-sighting)
CIRCL seen: CVE-2026-3201 (circl-sighting)
CIRCL seen: CVE-2026-3201 (circl-sighting)
CIRCL seen: CVE-2026-3201 (circl-sighting)
CIRCL seen: CVE-2026-3203 (circl-sighting)
https://www.wireshark.org/security/wnpa-sec-2026-07.html (circl)
GitLab Issue #21009 (circl)

Timeline

Feb 25, 2026 CVE Published
Feb 26, 2026 EPSS Score
Feb 26, 2026 PoC Published
Feb 26, 2026 PoC Published
Feb 27, 2026 EPSS Score
Mar 1, 2026 EPSS Score
Mar 2, 2026 EPSS Score
Mar 2, 2026 PoC Published
Mar 4, 2026 EPSS Score
Mar 5, 2026 EPSS Score
Mar 5, 2026 PoC Published
Mar 5, 2026 PoC Published

References

https://www.wireshark.org/security/wnpa-sec-2026-07.html advisory
https://www.wireshark.org/security/wnpa-sec-2026-06.html advisory
https://www.wireshark.org/security/wnpa-sec-2026-05.html advisory
GitLab Issue #21009 issue
https://nvd.nist.gov/vuln/detail/CVE-2026-3203 advisory
GitLab Issue #20972 issue

Open in Interactive Console →

$ Console Community · 100/wk Open console ›