Latest CVE Vulnerabilities

8.4 HIGH

CVE-2026-7280 — eMPIA Technology｜AVACAST - Unquoted Service Path

AVACAST developed by eMPIA Technology has a Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a specific directory, resulting in arbitra…

| Misconfiguration

Apr 28, 2026 Apr 28, 2026

Apr 28, 2026

8.5 HIGH

CVE-2026-7279 — eMPIA Technology｜AVACAST - DLL Hijacking

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code executio…

| Misconfiguration

Apr 28, 2026 Apr 28, 2026

Apr 28, 2026

6.5 MEDIUM

CVE-2026-7264 — SourceCodester Pizzafy Ecommerce System ajax.php get_cart_items sql injection

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function get_cart_items of the file /admin/ajax.php?action=get_cart_items. Executing a manipulation of t…

Remote | Injection

Apr 28, 2026 May 05, 2026

Apr 28, 2026

May 05, 2026

8.7 HIGH

CVE-2026-41636 — Apache Thrift: Node.js skip() recursion

Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

thrift | Remote | Denial of Service

Apr 28, 2026 Apr 28, 2026

Apr 28, 2026

6.5 MEDIUM

CVE-2026-41607 — Apache Thrift: C++ JSON OOB read

Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

thrift | Remote | Memory Corruption

Apr 28, 2026 Apr 28, 2026

Apr 28, 2026

5.3 MEDIUM

CVE-2026-41606 — Apache Thrift: c_glib dispatch stack overflow

Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

thrift | Remote | Denial of Service

Apr 28, 2026 Apr 28, 2026

Apr 28, 2026

7.3 HIGH

CVE-2026-41605 — Apache Thrift: Swift Compact Protocol integer overflow

Integer Overflow or Wraparound vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

thrift | Remote | Memory Corruption

Apr 28, 2026 Apr 28, 2026

Apr 28, 2026

8.2 HIGH

CVE-2026-41604 — Apache Thrift: Swift Range crash in skip()

Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

thrift | Remote | Memory Corruption

Apr 28, 2026 Apr 28, 2026

Apr 28, 2026

7.4 HIGH

CVE-2026-41603 — Apache Thrift: Java TSSLTransportFactory hostname verification

Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixe…

thrift | Remote | Misconfiguration

Apr 28, 2026 Apr 28, 2026

Apr 28, 2026

7.5 HIGH

CVE-2026-41602 — Apache Thrift: Go TFramedTransport uint32 overflow

Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to versio…

thrift | Remote | Memory Corruption

Apr 28, 2026 Apr 28, 2026

Apr 28, 2026

7.5 HIGH

CVE-2025-48431 — Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid poin…

Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, w…

thrift | Remote | Memory Corruption

Apr 28, 2026 Apr 28, 2026

Apr 28, 2026

Browse by Apps

Latest CVE Feed

Cookie Preferences