Amazon Amazon Amazon

  1. Vendors
  2. Amazon

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Amazon product.

RSS Feeds for Amazon security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Amazon products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Amazon Sorted by Most Security Vulnerabilities since 2018

Amazon Aws131 vulnerabilities

Amazon Freertos20 vulnerabilities

Amazon Tough5 vulnerabilities

Amazon Aws Software Development Kit4 vulnerabilities

Amazon Workspaces3 vulnerabilities

Amazon Awslabs Sandbox Accounts Events2 vulnerabilities

Amazon Aws Encryption Sdk2 vulnerabilities

Amazon Amplify Cli1 vulnerability

Amazon Freertos Plus Tcp1 vulnerability

Amazon Ion1 vulnerability

Amazon Linux 20231 vulnerability

Amazon Aws Deployment Framework1 vulnerability

Amazon Aws Alb Route Directive Adapter Istio1 vulnerability

Amazon Alexa1 vulnerability

Amazon Ec2 Api Tools Java Library1 vulnerability

Recent Amazon Security Advisories

Advisory Title Published
2026-04-29 Issue with FreeRTOS-Plus-TCP - IPv6 Router Advertisement Memory Safety Issues April 29, 2026
2026-04-29 CVE-2026-7424 - Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Plus-TCP April 29, 2026
2026-04-29 Issue with FreeRTOS-Plus-TCP - MAC Address Validation Bypass and ICMP Echo Reply Integer Underflow April 29, 2026
2026-04-27 CVE-2026-7191- Arbitrary Code Execution via Sandbox Bypass in QnABot on AWS April 27, 2026
2026-04-24 Issues in tough library and tuftool CLI utility April 24, 2026
2026-04-24 Issue with AWS Ops Wheel (CVE-2026-6911 and CVE-2026-6912 April 24, 2026
2026-04-20 CVE-2026-6550 - Key commitment policy bypass via shared key cache in AWS Encryption SDK for Python April 20, 2026
2026-04-17 CVE-2026-6437 - Mount Option Injection in Amazon EFS CSI Driver April 17, 2026
2026-04-14 CVE-2026-5747 - Out-of-bounds Write in Firecracker virtio-pci Transport April 14, 2026
2026-04-14 Issues with AWS Research and Engineering Studio (RES) April 14, 2026

By the Year

In 2026 there have been 37 vulnerabilities in Amazon with an average score of 7.1 out of ten. Last year, in 2025 Amazon had 46 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Amazon in 2026 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.41.




Year Vulnerabilities Average Score
2026 37 7.09
2025 46 6.68
2024 26 6.96
2023 23 6.74
2022 23 7.27
2021 17 8.64
2020 8 6.94
2019 6 6.83
2018 19 6.76

It may take a day or so for new Amazon vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Amazon Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-7426 Apr 29, 2026
FreeRTOS-Plus-TCP <4.2.6, <4.4.1 IPv6 RA Prefix Length Overflow Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid length, resulting in a heap buffer overflow. Users processing IPv4 RA only are not impacted. To mitigate this issue, users should upgrade to the fixed version when available.
Aws
CVE-2026-7425 Apr 29, 2026
FreeRTOS-Plus-TCP <= V4.4.1: IPv6 RA Prefix truncation DoS Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smaller than the expected structure size. To mitigate this issue, users should upgrade to the fixed version when available.
Aws
CVE-2026-7424 Apr 29, 2026
FreeRTOS-Plus-TCP DHCPv6 Integer Underflow (V4.4.1/4.2.6) Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (permanent IP task freeze requiring hardware reset) by sending a single crafted DHCPv6 packet. The issue is present whenever DHCPv6 is enabled. To mitigate this issue, users should upgrade to version V4.2.6 or V4.4.1 or newer.
Freertos
Aws
CVE-2026-7423 Apr 29, 2026
Integer Underflow in FreeRTOS-Plus-TCP ICMP Handlers V4.4.1/V4.2.6 Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without validating the field is large enough, resulting in a heap out-of-bounds read of up to approximately 65KB. To mitigate this issue, users should upgrade to the fixed version when available.
Aws
CVE-2026-7422 Apr 29, 2026
FreeRTOS-Plus-TCP MAC Spoof Loophole before v4.4.1 Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection mechanism skips all input validation for packets whose source MAC matches a local endpoint. To mitigate this issue, users should upgrade to the fixed version when available.
Aws
CVE-2026-7191 Apr 27, 2026
qnabot-on-aws <7.3 CExec via static-eval Exploit (CVE-2026-7191) Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may allow an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context by injecting a crafted conditional chaining expression via the Content Designer interface, which bypasses the intended expression sandbox through JavaScript prototype manipulation. This may grant direct access to backend resources (Lambda environment variables, OpenSearch indices, S3 objects, DynamoDB tables) that are not exposed through normal administrative interfaces. We recommend you upgrade to version 7.3.0 or above.
Aws
CVE-2026-6968 Apr 24, 2026
AWS Tough v<0.22.0 Path Traversal via Absolute Target Names Incomplete path traversal fixes in awslabs/tough before tough-v0.22.0 allow remote authenticated users with delegated signing authority to write files outside intended output directories via absolute target names in copy_target/link_target, symlinked parent directories in save_target, or symlinked metadata filenames in SignedRole::write, because write paths trust the joined destination path without post-resolution containment verification. We recommend you upgrade to tough-v0.22.0 / tuftool-v0.15.0.
Aws
CVE-2026-6967 Apr 24, 2026
tough <0.22.0: Missing Exp/Hash/Len in Delegated Metadata (CVE-2026-6967) Missing expiration, hash, and length enforcement in delegated metadata validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users with delegated signing authority to bypass TUF specification integrity checks for delegated targets metadata and poison the local metadata cache, because load_delegations does not apply the same validation checks as the top-level targets metadata path. We recommend you upgrade to tough-v0.22.0 / tuftool-v0.15.0.
Tough
Aws
CVE-2026-6966 Apr 24, 2026
Signature Verification Flaw in AWS Tough <0.22.0 (go) Improper verification of cryptographic signature uniqueness in delegated role validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users to bypass the TUF signature threshold requirement by duplicating a valid signature, causing the client to accept forged delegated role metadata. We recommend you upgrade to tough-v0.22.0 / tuftool-v0.15.0.
Tough
Aws
CVE-2026-6912 Apr 24, 2026
AWS Ops Wheel Cognito User Pool Attribute Escalation via UpdateUserAttributes Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR #165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API call that sets the custom:deployment_admin attribute. To remediate this issue, users should redeploy from the updated repository and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2026-6911 Apr 24, 2026
AWS Ops Wheel JWT Signature Bypass (CVE-2026-6911) Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application, including the ability to read, modify, and delete all application data across tenants and manage Cognito user accounts within the deployment's User Pool, via a crafted JWT sent to the API Gateway endpoint. To remediate this issue, users should redeploy from the updated repository and ensure any forked or derivative code is patched to incorporate the new fixes.
Aws
CVE-2026-6550 Apr 20, 2026
AWS Encryption SDK Python - Crypto Downgrade in Cache Pre-3.3.1/4.0.5 Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass key commitment policy enforcement via a shared key cache, resulting in ciphertext that can be decrypted to multiple different plaintexts. To remediate this issue, users should upgrade to version 3.3.1, 4.0.5 or above.
Aws
CVE-2026-6437 Apr 17, 2026
AWS EFS CSI Driver <v3.0.1: Mount Option Injection via Argument Delimiter Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver (aws-efs-csi-driver) before v3.0.1 allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via comma injection. To remediate this issue, users should upgrade to version v3.0.1
Aws
CVE-2026-5747 Apr 07, 2026
Out-of-Bounds Write in virtio PCI Transport (Firecracker <=1.15.0) An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue configuration registers after device activation. Achieving code execution on the host requires additional preconditions, such as the use of a custom guest kernel or specific snapshot configurations. To remediate this, users should upgrade to Firecracker 1.14.4 or 1.15.1 and later.
Aws
CVE-2026-5709 Apr 06, 2026
RES FileBrowser API Unsanitized Input (pre-2026.03) Enables RCE Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio (RES) version 2024.10 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands on the cluster-manager EC2 instance via crafted input when using the FileBrowser functionality. To remediate this issue, users are advised to upgrade to RES version 2026.03 or apply the corresponding mitigation patch to their existing environment.
Aws
CVE-2026-5708 Apr 06, 2026
AWS RES Session Attr Flaw Enables Priv Escalation, Fixed 2026.03 Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio (RES) prior to version 2026.03 could allow an authenticated remote user to escalate privileges, assume the virtual desktop host instance profile permissions, and interact with AWS resources and services via a crafted API request. To remediate this issue, users are advised to upgrade to RES version 2026.03 or apply the corresponding mitigation patch to their existing environment.
Aws
CVE-2026-5707 Apr 06, 2026
AWS RES 2025.x Unsanitized session name OS command exec as root Unsanitized input in an OS command in the virtual desktop session name handling in AWS Research and Engineering Studio (RES) version 2025.03 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands as root on the virtual desktop host via a crafted session name. To remediate this issue, users are advised to upgrade to RES version 2026.03 or apply the corresponding mitigation patch to their existing environment.
Aws
CVE-2026-35558 Apr 03, 2026
Improper neutralization in Amazon Athena ODBC driver auth pre-2.1.0 Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during user-initiated authentication. To remediate this issue, users should upgrade to version 2.1.0.0.
Aws
CVE-2026-35559 Apr 03, 2026
Amazon Athena ODBC Driver <2.1.0.0: OOB Write in Query Processor Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to crash the driver by using specially crafted data that is processed by the driver during query operations. To remediate this issue, users should upgrade to version 2.1.0.0.
Aws
CVE-2026-5485 Apr 03, 2026
OS Command Injection in Amazon Athena ODBC Driver < 2.0.5.1 (Linux) OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To remediate this issue, users should upgrade to version 2.0.5.1 or later.
Aws
CVE-2026-35562 Apr 03, 2026
Resource Exhaustion in Athena ODBC Driver (pre2.1.0.0) Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this issue, users should upgrade to version 2.1.0.0.
Aws
CVE-2026-35561 Apr 03, 2026
Amazon Athena ODBC Driver <2.1.0.0: Brows Auth Hijack Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediate this issue, users should upgrade to version 2.1.0.0.
Aws
CVE-2026-35560 Apr 03, 2026
Amazon Athena ODBC Driver <2.1.0 Improper Cert Validation (MITM) Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to identity providers. This only applies to connections with external identity providers and does not apply to connections with Athena. To remediate this issue, users should upgrade to version 2.1.0.0.
Aws
CVE-2026-5429 Apr 02, 2026
Kiro IDE <0.8.140 Webview Unsanitized Input RCE Unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote unauthenticated threat actor to execute arbitrary code via a potentially damaging crafted color theme name when a local user opens the workspace. This issue requires the user to trust the workspace when prompted. To remediate this issue, users should upgrade to version 0.8.140.
Aws
CVE-2026-5190 Mar 31, 2026
Out-of-bounds write in AWS aws-c-event-stream v<0.6.0 streaming decoder Out-of-bounds write in the streaming decoder component in aws-c-event-stream before 0.6.0 might allow a third party operating a server to cause memory corruption leading to arbitrary code execution on a client application that processes crafted event-stream messages. To remediate this issue, users should upgrade to version 0.6.0 or later.
Aws
CVE-2026-4428 Mar 19, 2026
AWS-LC <1.71.0: CRL D. Point Validation Logic Error Bypasses Revoked Cert A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks. To remediate this issue, users should upgrade to AWS-LC 1.71.0 or AWS-LC-FIPS-3.3.0.
Aws
CVE-2026-4295 Mar 17, 2026
Kiro IDE Remote Code Execution via Trust Boundary Bypass pre 0.8.0 Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted project directory files that bypass workspace trust protections when a local user opens the directory. To remediate this issue, users should upgrade to version 0.8.0 or higher.
Aws
CVE-2026-4269 Mar 16, 2026
Missing S3 Ownership Verification in Bedrock AgentCore Toolkit <v0.1.13 Allows RCE A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime. This issue only affects users of the Bedrock AgentCore Starter Toolkit before version v0.1.13 who build or have built the Toolkit after September 24, 2025. Any users on a version >=v0.1.13, and any users on previous versions who built the toolkit before September 24, 2025 are not affected. To remediate this issue, customers should upgrade to version v0.1.13.
Aws
CVE-2026-4270 Mar 16, 2026
AWS MCP Server 0.2.141.3.9 Improper AlternatePath File Access Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client application context. To remediate this issue, users should upgrade to version 1.3.9.
Aws
CVE-2026-3494 Mar 03, 2026
MariaDB 11.8.5 Audit Plugin: Double-Hyphen Comments Not Logged In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen () or hash (#) style comments, the statement is not logged.
Aws
CVE-2026-3338 Mar 02, 2026
AWS-LC <1.69: Unauth bypass in PKCS7_verify signature validation Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0.
Aws
CVE-2026-3337 Mar 02, 2026
Timing Discrepancy in AES-CCM Auth Tag via EVP in AWS-LC <1.69.0 Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVP_aes_128_ccm, EVP_aes_192_ccm, and EVP_aes_256_ccm. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0.
Aws
CVE-2026-3336 Mar 02, 2026
AWS-LC 1.69 Fix: PKCS7_verify Cert Chain Validation Bypass (CVE-2026-3336) Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the final signer. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0.
Aws
CVE-2026-1778 Feb 02, 2026
TLS Cert Check Bypass in Amazon SageMaker Python SDK < v3.1.1/v2.256.0 Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model is imported, incorrectly allowing for requests with invalid and self-signed certificates to succeed.
Aws
CVE-2026-1777 Feb 02, 2026
Amazon SageMaker Python SDK <3.2.0: Cleartext HMAC Key Exposure in DescTrnJob The Amazon SageMaker Python SDK before v3.2.0 and v2.256.0 includes the ModelBuilder HMAC signing key in the cleartext response elements of the DescribeTrainingJob function. A third party with permissions to both call this API and permissions to modify objects in the Training Jobs S3 output location may have the ability to upload arbitrary artifacts which are executed the next time the Training Job is invoked.
Aws
CVE-2026-1386 Jan 23, 2026
Firecracker jailer symlink attack before v1.13.2 / 1.14.1 A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Aws
CVE-2026-0830 Jan 09, 2026
Arbitrary Command Injection in Kiro IDE <0.6.18 via Malicious Workspace Names Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version.
Aws
CVE-2025-14764 Dec 17, 2025
Amazon S3 Encryption Client for Go <3.3 key commitment flaw Missing cryptographic key commitment in the Amazon S3 Encryption Client for Go may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade Amazon S3 Encryption Client for Go to version 4.0 or later.
Aws
CVE-2025-14763 Dec 17, 2025
Amazon S3 Encryption Client for Java v<4.0 Key Commitment Vulnerability Missing cryptographic key commitment in the Amazon S3 Encryption Client for Java may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade Amazon S3 Encryption Client for Java to version 4.0.0 or later.
Aws
CVE-2025-14762 Dec 17, 2025
Missing Key Commitment AWS SDK for Ruby <1.208.0 Varying Decryption Missing cryptographic key commitment in the AWS SDK for Ruby may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade AWS SDK for Ruby to version 1.208.0 or later.
Aws
CVE-2025-14761 Dec 17, 2025
AWS SDK for PHP 3.368 Missing key commitment enables EDK injection Missing cryptographic key commitment in the AWS SDK for PHP may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade AWS SDK for PHP to version 3.368.0 or later
Aws
CVE-2025-14760 Dec 17, 2025
Missing Key Commitment in AWS SDK for C++ (before 1.11.712) Missing cryptographic key commitment in the AWS SDK for C++ may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade AWS SDK for C++ to version 1.11.712 or later
Aws
CVE-2025-14759 Dec 17, 2025
Amazon S3 Encryption Client .NET Key Commitment Bypass (Prior to 4.0.0) Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgrade Amazon S3 Encryption Client for .NET to version 3.2.0 or later.
Aws
CVE-2025-14503 Dec 15, 2025
Harmonix on AWS IAM Trust Exploit v0.3.0 to v0.4.1 Escalation An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM principal in the same AWS account with sts:AssumeRole permissions to assume the role with administrative privileges. We recommend customers upgrade to Harmonix on AWS v0.4.2 or later if you have deployed the framework using versions v0.3.0 through v0.4.1.
Aws
CVE-2025-55182 Dec 03, 2025
RCFC 19.019.2 Remote Code Exec via Unsafe Deserialization A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
Aws
CVE-2025-13524 Nov 21, 2025
Audio Leak after Call Termination in AWS Wickr<6.62.13 (Windows/macOS/Linux) Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant to continue receiving audio input from another user after they close their call window. This issue occurs under certain conditions, which require the affected user to take a particular action within the application To mitigate this issue, users should upgrade AWS Wickr, Wickr Gov and Wickr Enterprise desktop version to version 6.62.13.
Aws
CVE-2025-12967 Nov 10, 2025
Privilege Escalation in AWS Aurora PG Wrappers v2.6.5 (RDS Superuser) An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. We recommend customers upgrade to the following versions: AWS JDBC Wrapper to v2.6.5, AWS Go Wrapper to 2025-10-17, AWS NodeJS Wrapper to v2.0.1, AWS Python Wrapper to v1.4.0 and AWS PGSQL ODBC driver to v1.0.1
Aws
CVE-2025-12829 Nov 07, 2025
Amazon Ion-C Uninit Stack Read <1.1.4 (CVE-2025-12829) An uninitialized stack read issue exists in Amazon Ion-C versions <v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version v1.1.4.
Aws
CVE-2025-52881 Nov 06, 2025
runc: /proc Redirect via Race in 1.2.7-1.4.0-rc.2 runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have also verified this attack is possible to exploit using a standard Dockerfile with docker buildx build as that also permits triggering parallel execution of containers with custom shared mounts configured). This redirect could be through symbolic links in a tmpfs or theoretically other methods such as regular bind-mounts. While similar, the mitigation applied for the related CVE, CVE-2019-19921, was fairly limited and effectively only caused runc to verify that when LSM labels are written they are actually procfs files. This issue is fixed in versions 1.2.8, 1.3.3, and 1.4.0-rc.3.
Aws
CVE-2025-52565 Nov 06, 2025
runc <1.2.8/1.3.3/1.4.0-rc.3: /dev/console Bind-Mount LFI/Container Breakout runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern` (respectively). This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.
Aws
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.