PT-2026-35685 · Apache · Apache Thrift
Published
2026-04-28
·
Updated
2026-04-28
·
CVE-2026-41603
CVSS v3.1
7.4
High
| AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apache Thrift