PT-2026-35701 · Apache · Apache Thrift

Hasnain Lakhani

Published

2026-04-28

Updated

2026-05-04

CVE-2026-41605

CVSS v3.1

7.3

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Apache Thrift versions prior to 0.23.0

Description An integer overflow or wraparound issue exists in Apache Thrift. This occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented with a given number of bits, potentially causing the value to wrap around to a minimum or maximum value.

Recommendations Upgrade to version 0.23.0.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

BIT-THRIFT-2026-41605

CVE-2026-41605

OPENSUSE-SU-2026:10685-1

Affected Products

Apache Thrift

PT-2026-35701 · Apache · Apache Thrift

CVE-2026-41605

Weakness Enumeration

Related Identifiers

Affected Products

References · 21