|
511
|
8.2 |
HIGH
Network
|
apache
|
thrift
|
Out-of-bounds Read vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-41604
|
2026-04-29 03:40 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
512
|
7.3 |
HIGH
Network
|
apache
|
thrift
|
Integer Overflow or Wraparound vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-41605
|
2026-04-29 03:39 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
513
|
5.3 |
MEDIUM
Network
|
apache
|
thrift
|
Uncontrolled Recursion vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
New
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-41606
|
2026-04-29 03:39 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
514
|
6.5 |
MEDIUM
Network
|
apache
|
thrift
|
Out-of-bounds Read vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-41607
|
2026-04-29 03:39 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
515
|
7.5 |
HIGH
Network
|
apache
|
thrift
|
Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
New
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-41636
|
2026-04-29 03:38 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
516
|
7.5 |
HIGH
Network
|
nds-association
|
zserio
|
Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, a crafted payload as small as 4-5 bytes can force memory allocations of up t…
Update
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-33524
|
2026-04-29 03:33 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
517
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scmi: Fix NULL dereference on notify error path
Since commit b5daf93b809d1 ("firmware: arm_scmi: Avoid notifier
reg…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-31544
|
2026-04-29 03:32 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
518
|
7.5 |
HIGH
Network
|
nds-association
|
zserio
|
Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, in BitStreamReader.h readBytes() / readString(), the setBitPosition() bounds…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-33666
|
2026-04-29 03:32 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
519
|
9.1 |
CRITICAL
Network
|
dgraph
|
dgraph
|
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the …
Update
|
CWE-943
Improper Neutralization of Special Elements in Data Query Logic
|
CVE-2026-41327
|
2026-04-29 03:31 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
520
|
9.1 |
CRITICAL
Network
|
dgraph
|
dgraph
|
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the …
Update
|
CWE-943
Improper Neutralization of Special Elements in Data Query Logic
|
CVE-2026-41328
|
2026-04-29 03:31 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
