CVE-2026-41606
published 2026-04-28CVE-2026-41606: Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0…
medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
Uncontrolled Recursion vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | thrift | < 0.23.0 | 0.23.0 |
| apache_software_foundation | apache_thrift | < 0.23.0 | 0.23.0 |
| multicluster-globalhub | multicluster-globalhub-grafana-rhel9 | — | — |
| openshift-gitops-1 | argocd-rhel8 | — | — |
| openshift-gitops-1 | argocd-rhel9 | — | — |
| openshift-service-mesh | istio-rhel8-operator | — | — |
| openshift4 | oc-mirror-plugin-rhel9 | — | — |
| openshift4 | ztp-site-generate-rhel8 | — | — |
| rhacm2 | acm-grafana-rhel9 | — | — |
| rhaiis | vllm-cpu-rhel9 | — | — |
| rhaiis | vllm-cuda-rhel9 | — | — |
| rhaiis | vllm-rocm-rhel9 | — | — |
| rhaiis | vllm-tpu-rhel9 | — | — |
| rhelai3 | bootc-aws-cuda-rhel9 | — | — |
| rhelai3 | bootc-azure-cuda-rhel9 | — | — |
| rhelai3 | bootc-azure-rocm-rhel9 | — | — |
| rhelai3 | bootc-cuda-rhel9 | — | — |
| rhelai3 | bootc-gcp-cuda-rhel9 | — | — |
| rhelai3 | bootc-rocm-rhel9 | — | — |
| rhoai | odh-kf-notebook-controller-rhel8 | — | — |
| rhoai | odh-model-registry-rhel9 | — | — |
| rhoai | odh-notebook-controller-rhel8 | — | — |
| rhosdt | opentelemetry-collector-rhel9 | — | — |
| rhosdt | tempo-jaeger-query-rhel9 | — | — |
| rhosdt | tempo-query-rhel9 | — | — |