High severity7.4NVD Advisory· Published Apr 28, 2026· Updated Apr 28, 2026
CVE-2026-41603
CVE-2026-41603
Description
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwqlnvdMailing ListPatchRelease Notes
- www.openwall.com/lists/oss-security/2026/04/28/7nvdMailing List
News mentions
0No linked articles in our index yet.