4 matches found
CVE-2026-41636 affecting package thrift for versions less than 0.15.0-6
CVE-2026-41636 affecting package thrift for versions less than 0.15.0-6. A patched version of the package is available...
@514labs/aurora-mcp (>=0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939 <=0.0.64), @514labs/sloan-mcp (=0.0.65) +488 more potentially affected by CVE-2026-41636 via thrift (>=0.10.0 <=0.22.0)
thrift NPM version =0.10.0, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.6, =0.9.0, =0.0.0-9d773c, =0.0.0-5ad901, =0.0.1, =1.0.0-beta.1, =1.0.0-beta.6, =1.0.1, =1.1.0, =0.24.0-no-protobuf-patch.1, =0.24.0-patch.1 - @ccmaymay/concrete =4.15.1 and more Source cves: CVE-2026-41636...
UBUNTU-CVE-2026-41636
Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
CVE-2026-41636
Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...