Aws
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Aws product.
RSS Feeds for Aws security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Aws products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Aws Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 8 vulnerabilities in Aws with an average score of 7.5 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 8 | 7.54 |
It may take a day or so for new Aws vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Aws Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-7426 | Apr 29, 2026 |
FreeRTOS-Plus-TCP <4.2.6, <4.4.1 IPv6 RA Prefix Length OverflowInsufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid length, resulting in a heap buffer overflow. Users processing IPv4 RA only are not impacted. To mitigate this issue, users should upgrade to the fixed version when available. |
|
| CVE-2026-7425 | Apr 29, 2026 |
FreeRTOS-Plus-TCP <= V4.4.1: IPv6 RA Prefix truncation DoSInsufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smaller than the expected structure size. To mitigate this issue, users should upgrade to the fixed version when available. |
|
| CVE-2026-7424 | Apr 29, 2026 |
FreeRTOS-Plus-TCP DHCPv6 Integer Underflow (V4.4.1/4.2.6)Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (permanent IP task freeze requiring hardware reset) by sending a single crafted DHCPv6 packet. The issue is present whenever DHCPv6 is enabled. To mitigate this issue, users should upgrade to version V4.2.6 or V4.4.1 or newer. |
|
| CVE-2026-7423 | Apr 29, 2026 |
Integer Underflow in FreeRTOS-Plus-TCP ICMP Handlers V4.4.1/V4.2.6Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without validating the field is large enough, resulting in a heap out-of-bounds read of up to approximately 65KB. To mitigate this issue, users should upgrade to the fixed version when available. |
|
| CVE-2026-7422 | Apr 29, 2026 |
FreeRTOS-Plus-TCP MAC Spoof Loophole before v4.4.1Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection mechanism skips all input validation for packets whose source MAC matches a local endpoint. To mitigate this issue, users should upgrade to the fixed version when available. |
|
| CVE-2026-7191 | Apr 27, 2026 |
qnabot-on-aws <7.3 CExec via static-eval Exploit (CVE-2026-7191)Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may allow an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context by injecting a crafted conditional chaining expression via the Content Designer interface, which bypasses the intended expression sandbox through JavaScript prototype manipulation. This may grant direct access to backend resources (Lambda environment variables, OpenSearch indices, S3 objects, DynamoDB tables) that are not exposed through normal administrative interfaces. We recommend you upgrade to version 7.3.0 or above. |
Qnabot On Aws
|
| CVE-2026-6912 | Apr 24, 2026 |
AWS Ops Wheel Cognito User Pool Attribute Escalation via UpdateUserAttributesImproperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR #165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API call that sets the custom:deployment_admin attribute. To remediate this issue, users should redeploy from the updated repository and ensure any forked or derivative code is patched to incorporate the new fixes. |
Aws Ops Wheel
|
| CVE-2026-6911 | Apr 24, 2026 |
AWS Ops Wheel JWT Signature Bypass (CVE-2026-6911)Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application, including the ability to read, modify, and delete all application data across tenants and manage Cognito user accounts within the deployment's User Pool, via a crafted JWT sent to the API Gateway endpoint. To remediate this issue, users should redeploy from the updated repository and ensure any forked or derivative code is patched to incorporate the new fixes. |
Aws Ops Wheel
|