Memory Allocation Vulnerability in Apache Thrift by Apache
CVE-2026-43868

Currently unrated

Key Information:

Vendor: Apache
Status: Apache Thrift
Vendor: CVE Published:; 5 May 2026

What is CVE-2026-43868?

A vulnerability exists in Apache Thrift that allows for memory allocation with excessive size values, potentially leading to denial of service or other unintended consequences. It is critical for users to upgrade their installations to version 0.23.0 to mitigate the risks associated with this vulnerability and ensure the security and stability of their systems.

Affected Version(s)

Apache Thrift 0 < 0.23.0

References

https://lists.apache.org/thread/zj76dtwnbbs1m7z3focf4wd51...

vendor-advisory

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 5, 2026
Vulnerability Reserved
May 4, 2026

CVE-2026-43868 Data

JSON