Aws Cloud Development Kit Library
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Aws Cloud Development Kit Library.
By the Year
In 2026 there have been 1 vulnerability in Aws Cloud Development Kit Library with an average score of 7.3 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 7.30 |
It may take a day or so for new Aws Cloud Development Kit Library vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Aws Cloud Development Kit Library Security Vulnerabilities
OS Command Injection NodejsFunction bundling in aws-cdk-lib <2.245.0
CVE-2026-11417
7.3 - High
- June 10, 2026
OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 (2.246.0 on Windows) might allow an actor who controls the value of one or more bundling properties (externalModules, define, loader, inject, or esbuildArgs) to execute arbitrary commands on the host running the CDK toolchain via injected shell metacharacters. This issue requires the threat actor to control the value of one or more of the affected bundling properties in the CDK application. To remediate this issue, users should upgrade to aws-cdk-lib 2.245.0 (2.246.0 on Windows) or later.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Aws Cloud Development Kit Library or by Aws? Click the Watch button to subscribe.
