Aws


Products by Aws Sorted by Most Security Vulnerabilities since 2018

Aws Kiro Ide: 2 vulnerabilities
Aws Advanced Jdbc Wrapper: 2 vulnerabilities
Aws Ops Wheel: 2 vulnerabilities
Aws S2n Quic: 1 vulnerability
Rabbitmq Aws: 1 vulnerability
Qnabot On Aws: 1 vulnerability
Aws Kiro Cli: 1 vulnerability
Aws Graph Explorer: 1 vulnerability
Aws Bedrock Agentcore: 1 vulnerability
Aws Agentcore Cli: 1 vulnerability
Aws Cdk: 1 vulnerability
Aws C Http: 1 vulnerability
Aws Advanced Go Wrapper: 1 vulnerability
Aws Amazon Ecs Agent: 1 vulnerability

By the Year

In 2026 there have been 28 vulnerabilities in Aws with an average score of 7.6 out of ten.

Year Vulnerabilities Average Score
2026 28 7.63

It may take a day or so for new Aws vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Aws Security Vulnerabilities

CVE-2026-14265 (Jul 01, 2026), product: Aws Advanced Jdbc Wrapper
Title: AWS Advanced JDBC Wrapper 3.3-4.0 RemoteQueryCachePlugin Deserialization RCE
Description: Deserialization of untrusted data in the RemoteQueryCachePlugin in Amazon Web Services AWS Advanced JDBC Wrapper 3.3.0 through 4.0.0 might allow an actor with write access to the shared cache infrastructure to execute arbitrary code on application servers that read cached query results via a crafted serialized Java object. The RemoteQueryCachePlugin uses ObjectInputStream without class filtering when deserializing cached query results from Redis or Valkey, enabling gadget chain execution when cache entries are poisoned. We recommend upgrading to AWS Advanced JDBC Wrapper version 4.0.1 or later.

CVE-2026-13760 (Jul 01, 2026), product: Aws Cdk
Title: OS Command Injection in aws-cdk-lib NodejsFunction Docker Bundling (v2.260.0 Fix)
Description: OS command injection in the NodejsFunction Docker bundling pipeline (OsCommand helper) in AWS aws-cdk-lib on all platforms might allow an actor who controls dependency version strings in a project's package.json file to execute arbitrary commands on the host running the CDK toolchain via injected shell metacharacters in the OsCommand helper. This issue requires the actor to control the content of a package.json dependency version string that is processed during Docker-based bundling with nodeModules specified. To remediate this issue, users should upgrade to v2.260.0.

CVE-2026-13769 (Jul 01, 2026)
Title: AWS CLI <=1.44.77 / <=2.34.28: Overly Permissive File Permissions Expose Credentials
Description: Overly permissive file permissions in AWS CLI before 1.44.78 (v1) and 2.34.29 (v2) on Unix-like systems where the umask has not been configured to restrict file permissions (the default on most systems) may allow other local users on the same host to read credentials written by certain CLI subcommands (aws codeartifact login, aws iam create-virtual-mfa-device, aws deploy register). To remediate this issue, users should upgrade to AWS CLI 1.44.78 (v1) or 2.34.29 (v2) or later.

CVE-2026-13763 (Jun 29, 2026)
Title: AWS ALB HTTP/2 WAF Bypass via Fragmented Body Inspection
Description: Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 requests that fragment the request body across frames so that only a partial body is inspected. This issue only impacts HTTP/2 ALB target groups. To remediate this issue, customers should enable the "Inspect after sufficient data" target group configuration associated with an ALB load balancer. Refer to: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/edit-target-group-attributes.html#waf-http2-inspection

CVE-2026-13762 (Jun 29, 2026)
Title: CloudFront AWS WAF HTTP/2 Body Inspection Bypass
Description: Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 requests that fragment the request body across frames so that only a partial body is inspected. This issue was remediated server-side. No customer action is required.

CVE-2026-12530 (Jun 17, 2026), product: Bedrock Agentcore
Title: AWS Bedrock AgentCore SDK 1.1.3-1.6.1 Remote Cmd via install_packages
Description: Improper neutralization of argument delimiters in the install_packages() method in AWS Bedrock AgentCore Python SDK versions >= 1.1.3 and < 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name arguments. To mitigate this issue, users should upgrade to version 1.6.1.

CVE-2026-11931 (Jun 15, 2026), product: Kiro Ide
Title: Kiro IDE 0.11.133 fixes insecure token cache permissions (CVE-2026-11931)
Description: Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions (0644) instead of owner-restricted permissions (0600). To remediate this issue, users should upgrade to Kiro IDE version 0.11.133 or later. After upgrading and restarting the application, the cache file permissions are automatically updated on the next token refresh. Users operating in a multi-user environment can invalidate existing tokens by reauthenticating.

CVE-2026-12043 (Jun 12, 2026), product: Aws C Http
Title: AWS Common Runtime aws-c-http 0.11.0: HPACK CVE-2026-12043
Description: Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted sequence of HTTP/2 HEADERS frames. To remediate this issue, users should upgrade to aws-c-http version 0.11.0.

CVE-2026-10740 (Jun 10, 2026), product: S2n Quic
Title: s2n-quic 1.8.2+ Unbounded CRYPTO frame reassembler DoS
Description: Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of service (degraded availability) by sending crafted QUIC Initial packets. To remediate this issue, users should upgrade to v1.8.2.

CVE-2026-11417 (Jun 10, 2026), product: Aws Cloud Development Kit Library
Title: OS Command Injection NodejsFunction bundling in aws-cdk-lib <2.245.0
Description: OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 (2.246.0 on Windows) might allow an actor who controls the value of one or more bundling properties (externalModules, define, loader, inject, or esbuildArgs) to execute arbitrary commands on the host running the CDK toolchain via injected shell metacharacters. This issue requires the threat actor to control the value of one or more of the affected bundling properties in the CDK application. To remediate this issue, users should upgrade to aws-cdk-lib 2.245.0 (2.246.0 on Windows) or later.

CVE-2026-11393 (Jun 08, 2026), product: Agentcore Cli
Title: CVE-2026-11393: AgentCore CLI v<0.14.2 RCE via triplequote code gen
Description: Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local environment of another user in the same AWS account, via a crafted collaborationInstruction stored on a Bedrock Agent collaborator and later processed by that other user during agent import. To remediate this issue, users should upgrade to version 0.14.2.

CVE-2026-11401 (Jun 05, 2026), product: Aws Advanced Go Wrapper
Title: AWS Adv Go Wrapper GDBP Untrusted Search Path Escalation
Description: An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rds_superuser, via a crafted function created by the actor that runs when that user connects to the cluster through the affected wrapper. To remediate this issue, users should upgrade to the AWS Advanced Go Wrapper release 2026-05-26.

CVE-2026-11400 (Jun 05, 2026), product: Aws Advanced Jdbc Wrapper
Title: AWS Advanced JDBC Wrapper 4.0.0 GlobalDatabasePlugin Search Path Escalation
Description: An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rds_superuser, via a crafted function created by the actor that runs when that user connects to the cluster through an affected wrapper. To remediate this issue, users should upgrade to AWS Advanced JDBC Wrapper version 4.0.1.

CVE-2026-10584 (Jun 02, 2026), product: Graph Explorer
Title: Graph Explorer v<3.0.1 HTTP Fallback Enables HTTPS Interception
Description: Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests intended to be sent over HTTPS. To remediate this issue, users should upgrade to Graph Explorer v3.0.1 or later.

CVE-2026-10591 (Jun 02, 2026), product: Kiro Ide
Title: Amazon Kiro IDE <0.11 File Write CA Remote Exec
Description: Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary commands via crafted instructions that cause writes to execution-sensitive paths (such as .vscode/tasks.json), enabling auto-execution on folder open. To remediate this issue, users should upgrade to Kiro IDE version 0.11 or later.

CVE-2026-9291 (May 22, 2026), product: Amazon Braket Python Sdk
Title: Amazon Braket SDK 1.117.0 Fix: Insecure Deserialization (Remote Exec)
Description: Insecure deserialization in the job results processing component in Amazon Braket SDK before 1.117.0 might allow a remote authenticated user with S3 write access to the job output bucket to achieve arbitrary code execution on any machine that processes job results. We recommend you upgrade to amazon-braket-sdk version 1.117.0 or later.

CVE-2026-9255 (May 22, 2026), product: Kiro Cli
Title: Kiro CLI <1.28.0: Missing input validation allows arbitrary tool exec via stdin
Description: Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin. We recommend upgrading to kiro-cli version 1.28.0 or later.

CVE-2026-9133 (May 20, 2026), product: Rabbitmq Aws
Title: Amazon MQ rabbitmq-aws <0.2.1: Debug ARN allows remote file read
Description: Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws before version 0.2.1. A debug ARN scheme (arn:aws-debug:file) accepted by the PUT /api/aws/arn/validate validation endpoint might allow remote authenticated users to perform arbitrary file reads on any file accessible to the RabbitMQ process. To remediate this issue, customers should upgrade to version 0.2.1 of rabbitmq-aws. If RabbitMQ is configured to use TLS for connections, we also recommend rotating any associated private certificate keys.

CVE-2026-8838 (May 18, 2026), product: Amazon Redshift Connector Python
Title: Amazon Redshift Python Driver eval() Vulnerability in vector_in() before 2.1.14
Description: Unsafe use of Python's eval() on server-received data in the vector_in() function in amazon-redshift-python-driver before 2.1.14 allows a rogue server or man-in-the-middle actor to execute arbitrary code on the client. To remediate this issue, users should upgrade to version 2.1.14.

CVE-2026-7461 (Apr 30, 2026), product: Amazon Ecs Agent
Title: Amazon ECS Agent FSx WinFS OS Command Injection <v1.103.0
Description: Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a specially crafted username field in an ECS task definition. This issue requires permissions to register ECS task definitions or write to the Secrets Manager or SSM Parameter Store credentials used by the FSx volume configuration. To remediate this issue, users should upgrade to version 1.103.0.

CVE-2026-7426 (Apr 29, 2026)
Title: FreeRTOS-Plus-TCP <4.2.6, <4.4.1 IPv6 RA Prefix Length Overflow
Description: Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid length, resulting in a heap buffer overflow. Users processing IPv4 RA only are not impacted. To mitigate this issue, users should upgrade to the fixed version when available.

CVE-2026-7425 (Apr 29, 2026)
Title: FreeRTOS-Plus-TCP <= V4.4.1: IPv6 RA Prefix truncation DoS
Description: Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smaller than the expected structure size. To mitigate this issue, users should upgrade to the fixed version when available.

CVE-2026-7424 (Apr 29, 2026)
Title: FreeRTOS-Plus-TCP DHCPv6 Integer Underflow (V4.4.1/4.2.6)
Description: Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (permanent IP task freeze requiring hardware reset) by sending a single crafted DHCPv6 packet. The issue is present whenever DHCPv6 is enabled. To mitigate this issue, users should upgrade to version V4.2.6 or V4.4.1 or newer.

CVE-2026-7423 (Apr 29, 2026)
Title: Integer Underflow in FreeRTOS-Plus-TCP ICMP Handlers V4.4.1/V4.2.6
Description: Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without validating that the field is large enough, resulting in a heap out-of-bounds read of up to approximately 65KB. To mitigate this issue, users should upgrade to the fixed version when available.

CVE-2026-7422 (Apr 29, 2026)
Title: FreeRTOS-Plus-TCP MAC Spoof Loophole before v4.4.1
Description: Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection mechanism skips all input validation for packets whose source MAC matches a local endpoint. To mitigate this issue, users should upgrade to the fixed version when available.

CVE-2026-7191 (Apr 27, 2026), product: Qnabot On Aws
Title: qnabot-on-aws <7.3 CExec via static-eval Exploit (CVE-2026-7191)
Description: Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may allow an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context by injecting a crafted conditional chaining expression via the Content Designer interface, which bypasses the intended expression sandbox through JavaScript prototype manipulation. This may grant direct access to backend resources (Lambda environment variables, OpenSearch indices, S3 objects, DynamoDB tables) that are not exposed through normal administrative interfaces. We recommend you upgrade to version 7.3.0 or above.

CVE-2026-6912 (Apr 24, 2026), product: Aws Ops Wheel
Title: AWS Ops Wheel Cognito User Pool Attribute Escalation via UpdateUserAttributes
Description: Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR #165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API call that sets the custom:deployment_admin attribute. To remediate this issue, users should redeploy from the updated repository and ensure any forked or derivative code is patched to incorporate the new fixes.

CVE-2026-6911 (Apr 24, 2026), product: Aws Ops Wheel
Title: AWS Ops Wheel JWT Signature Bypass (CVE-2026-6911)
Description: Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application, including the ability to read, modify, and delete all application data across tenants and manage Cognito user accounts within the deployment's User Pool, via a crafted JWT sent to the API Gateway endpoint. To remediate this issue, users should redeploy from the updated repository and ensure any forked or derivative code is patched to incorporate the new fixes.
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).