← Back to CVE List
CVE-2026-41606NVD
Vulnerability Summary
Uncontrolled Recursion vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
External References
- https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql
- http://www.openwall.com/lists/oss-security/2026/04/28/3
- https://access.redhat.com/errata/RHSA-2026:14885
- https://access.redhat.com/errata/RHSA-2026:21769
- https://access.redhat.com/errata/RHSA-2026:22347
- https://access.redhat.com/errata/RHSA-2026:22423
- https://access.redhat.com/errata/RHSA-2026:23345
- https://access.redhat.com/errata/RHSA-2026:24539
- https://access.redhat.com/security/cve/CVE-2026-41606
- https://bugzilla.redhat.com/show_bug.cgi?id=2463408
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41606.json