|
1141
|
7.4 |
HIGH
Network
|
apache
|
thrift
|
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixe…
|
CWE-297
CWE-306
Improper Validation of Certificate with Host Mismatch
Missing Authentication for Critical Function
|
CVE-2026-41603
|
2026-04-29 03:42 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1142
|
5.4 |
MEDIUM
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability in MS Teams thread history fetched via Graph API. Attackers can retrieve thread messages that should be filtered by sender a…
|
CWE-441
Confused Deputy
|
CVE-2026-41365
|
2026-04-29 03:41 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1143
|
6.5 |
MEDIUM
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.3.31 contains a path traversal vulnerability in ACP dispatch that allows attackers to read arbitrary files by manipulating inbound channel attachment paths. Remote attackers can …
|
CWE-22
Path Traversal
|
CVE-2026-41370
|
2026-04-29 03:41 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1144
|
7.5 |
HIGH
Network
|
apache
|
thrift
|
Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, w…
|
CWE-762
Mismatched Memory Management Routines
|
CVE-2025-48431
|
2026-04-29 03:40 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1145
|
7.5 |
HIGH
Network
|
apache
|
thrift
|
Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to versio…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-41602
|
2026-04-29 03:40 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1146
|
8.2 |
HIGH
Network
|
apache
|
thrift
|
Out-of-bounds Read vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
|
CWE-125
Out-of-bounds Read
|
CVE-2026-41604
|
2026-04-29 03:40 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1147
|
7.3 |
HIGH
Network
|
apache
|
thrift
|
Integer Overflow or Wraparound vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-41605
|
2026-04-29 03:39 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1148
|
5.3 |
MEDIUM
Network
|
apache
|
thrift
|
Uncontrolled Recursion vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-41606
|
2026-04-29 03:39 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1149
|
6.5 |
MEDIUM
Network
|
apache
|
thrift
|
Out-of-bounds Read vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
|
CWE-125
Out-of-bounds Read
|
CVE-2026-41607
|
2026-04-29 03:39 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1150
|
7.5 |
HIGH
Network
|
apache
|
thrift
|
Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-41636
|
2026-04-29 03:38 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
