Copyright © 2012 Red Hat, Inc. All rights reserved. Important 2026-04-28T09:20:44 Apache Thrift: Apache Thrift: Integer Overflow or Wraparound Vulnerability 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H CWE-190

A flaw was found in Apache Thrift. This integer overflow or wraparound vulnerability could potentially lead to unexpected behavior or resource exhaustion, which may impact the availability or integrity of the system. The exact consequences depend on how the overflow is triggered and handled within the application.

Red Hat OpenShift distributed tracing 3.9.3 2026-05-07T00:00:00Z RHSA-2026:14885 rhosdt/tempo-jaeger-query-rhel9:1778158391 Red Hat OpenShift distributed tracing 3.9.3 2026-05-07T00:00:00Z RHSA-2026:14885 rhosdt/tempo-query-rhel9:1778158343 Red Hat OpenShift distributed tracing 3.9.3 2026-05-07T00:00:00Z RHSA-2026:14885 rhosdt/tempo-rhel9:1778158374 Multicluster Global Hub Affected multicluster-globalhub/multicluster-globalhub-grafana-rhel9 OpenShift Service Mesh 2 Not affected openshift-service-mesh/istio-rhel8-operator Red Hat Advanced Cluster Management for Kubernetes 2 Affected rhacm2/acm-grafana-rhel9 Red Hat AI Inference Server Affected rhaiis/vllm-cpu-rhel9 Red Hat AI Inference Server Affected rhaiis/vllm-cuda-rhel9 Red Hat AI Inference Server Affected rhaiis/vllm-rocm-rhel9 Red Hat AI Inference Server Affected rhaiis/vllm-tpu-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-aws-cuda-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-azure-cuda-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-azure-rocm-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-cuda-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-gcp-cuda-rhel9 Red Hat Enterprise Linux AI (RHEL AI) 3 Affected rhelai3/bootc-rocm-rhel9 Red Hat OpenShift AI (RHOAI) Not affected rhoai/odh-kf-notebook-controller-rhel8 Red Hat OpenShift AI (RHOAI) Not affected rhoai/odh-model-registry-rhel9 Red Hat OpenShift AI (RHOAI) Not affected rhoai/odh-notebook-controller-rhel8 Red Hat OpenShift Container Platform 4 Affected openshift4/oc-mirror-plugin-rhel9 Red Hat OpenShift Container Platform 4 Affected openshift4/ztp-site-generate-rhel8 Red Hat OpenShift distributed tracing 3 Not affected rhosdt/opentelemetry-collector-rhel9 Red Hat OpenShift GitOps Will not fix openshift-gitops-1/argocd-rhel8 Red Hat OpenShift GitOps Will not fix openshift-gitops-1/argocd-rhel9 https://www.cve.org/CVERecord?id=CVE-2026-41605 https://nvd.nist.gov/vuln/detail/CVE-2026-41605 http://www.openwall.com/lists/oss-security/2026/04/28/4 https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql