VYPR

Arrow C++

by Apache

CVEs (1)

  • CVE-2026-25087Feb 17, 2026
    risk 0.00cvss epss 0.01

    Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file (but not an IPC stream) with pre-buffering enabled, if the IPC file contains data with variadic buffers (such as…