Integer Overflow Vulnerability in Apache Thrift by Apache Software Foundation
CVE-2026-41605

Currently unrated

Key Information:

Vendor: Apache
Status: Apache Thrift
Vendor: CVE Published:; 28 April 2026

What is CVE-2026-41605?

An integer overflow vulnerability exists in Apache Thrift, exposing users to potential exploitation. This issue affects all versions prior to 0.23.0, where improper handling of integer values can lead to unexpected behavior. To mitigate risks, users are urged to upgrade to version 0.23.0, which addresses this vulnerability effectively. For more information, consult the Apache advisory.

Affected Version(s)

Apache Thrift 0 < 0.23.0

References

https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925p...

vendor-advisory

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 28, 2026
Vulnerability Reserved
Apr 21, 2026

Credit

Hasnain Lakhani

CVE-2026-41605 Data

JSON