CVE-2026-41636 affecting package thrift for versions less than 0.15.0-6

CVE-2026-41636 affecting package thrift for versions less than 0.15.0-6. A patched version of the package is available...

CVE-2026-41636 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce...

CVE-2026-41636

No description is available for this CVE...

@0xd541ecb3/byte-babe (>=1.0.0 <=1.2.1), @514labs/aurora-mcp (>=0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939 <=0.0.64) +674 more potentially affected by CVE-2026-41636 via thrift (>=0.10.0 <=0.22.0)

thrift NPM version =0.10.0, =1.0.0, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.6, =0.0.0-dev, =1.0.0, =0.9.0, =0.0.0-9d773c, =0.0.0-5ad901, =0.0.1, =0.2.0, =0.2.0, =1.0.0-beta.1, =1.0.0-beta.6 and more Source cves: CVE-2026-41636 Source advisory: OSV:GHSA-R67J-R569-JRWP...

CVE-2026-41636

Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

UBUNTU-CVE-2026-41636

Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

CVE-2026-41636

creationtimestamp| type| source ---|---|--- 2026-04-28 01:07:48+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkjfhzx67s2m...

CVE-2026-41636

Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

CVE-2023-41636

creationtimestamp| type| source ---|---|--- 2023-08-31 18:13:14+00:00| seen| https://t.me/cibsecurity/69555 2023-10-22 22:26:28+00:00| published-proof-of-concept| Telegram/7a7fweCj36f2cd-3XHNsj84vMqrUUzQeix11cFhtTPwJ...

CVE-2023-41636

A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...

CVE-2023-41636

CVE-2023-41636 describes a SQL injection in the parameters of GruppoSCAI RealGimm v1.1.37p38, specifically the Data Richiesta dal parameter. The vulnerability allows an attacker to access the database and execute arbitrary commands through a crafted SQL query. Affected software: GruppoSCAI RealGi...

CVE-2023-41636

A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...

CVE-2023-41636

A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...

CVE-2022-41636

creationtimestamp| type| source ---|---|--- 2022-10-28 22:29:49+00:00| seen| https://t.me/cibsecurity/52253...

CVE-2022-41636

Communication traffic involving "Ethernet Q Commands" service of Haas Controller version 100.20.000.1110 is transmitted in cleartext. This allows an attacker to obtain sensitive information being passed to and from the controller...

CVE-2022-41636

CVE-2022-41636 affects Haas Controller v100.20.000.1110. The issue is that traffic for the Ethernet Q Commands service is transmitted in cleartext, enabling an attacker with access to the same network segment to obtain sensitive information passed to and from the controller. The NVD entry notes c...

CVE-2021-41636

creationtimestamp| type| source ---|---|--- 2022-06-24 16:37:58+00:00| seen| https://t.me/cibsecurity/45074...

CVE-2021-41636

MELAG FTP Server 2.2.0.4 allows an attacker to use the CWD command to break out of the FTP servers root directory and operate on the entire operating system, while the access restrictions of the user running the FTP server apply...

CVE-2021-41636

MELAG FTP Server 2.2.0.4 exposes a directory-traversal issue: the CWD command can break out of the FTP server’s root and allow an attacker to operate on the underlying OS, constrained only by the user’s access restrictions. Affected: MELAG FTP Server 2.2.0.4. Root cause: path handling in CWD enab...

Apache Traffic Server Input Validation Error Vulnerability (CNVD-2022-41636)

Apache Traffic Server ATS is a set of scalable HTTP proxy and caching servers from the Apache Foundation in the U.S. An input validation error vulnerability exists in Apache Traffic Server versions 8.0.0 through 8.1.3 and 9.0.0 through 9.1.1, which stems from a request parsing incorrect input...