Aws Latest High Vulnerabilities

OS Command Injection in NodejsFunction Bundling in aws-cdk-lib

CVE-2026-11417

AwsAws Cloud Development ...7HIGH

Code injection via improper triple-quote escaping in AgentCore CLI Bedrock Agent import

CVE-2026-11393

AwsAgentcore Cli8.8HIGH

Privilege Escalation in AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL

CVE-2026-11401

AwsAws Advanced Go Wrapper8.6HIGH

Privilege Escalation in AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL

CVE-2026-11400

AwsAws Advanced Jdbc Wrapper8.6HIGH

HTTP Fallback Vulnerability in Graph Explorer by AWS

CVE-2026-10584

AwsGraph Explorer8.2HIGH

Insufficient Access Control in Amazon Kiro IDE

CVE-2026-10591

AwsKiro Ide8.6HIGH

Improper Certificate Validation in ExAws SNS by ExAws

CVE-2026-47074

Ex-awsEx Aws Sns8.7HIGH

Insecure Deserialization Vulnerability in Amazon Braket SDK by AWS

CVE-2026-9291

AwsAmazon Braket Python Sdk7.5HIGH

Input Validation Flaw in Kiro CLI Tool by Kiro

CVE-2026-9255

AwsKiro Cli8.4HIGH

Remote File Read Vulnerability in RabbitMQ AWS Plugin by Amazon

CVE-2026-9133

AwsRabbitMQ Aws8.3HIGH

Code Execution Vulnerability in Amazon Redshift Python Driver by AWS

CVE-2026-8838

AwsAmazon Redshift Connec...9.3CRITICAL

Improper Input Handling in Amazon ECS Agent on Windows

CVE-2026-7461

AwsAmazon Ecs Agent7.5HIGH

Integer Underflow Vulnerability in FreeRTOS Product by Amazon

CVE-2026-7424

AwsFreertos-plus-tcp7.2HIGH

Insufficient Packet Validation in FreeRTOS-Plus-TCP from AWS

CVE-2026-7422

AwsFreertos-plus-tcp7.1HIGH

Arbitrary Code Execution Vulnerability in Qnabot-on-AWS by AWS

CVE-2026-7191

AwsQnabot On Aws8.6HIGH

Path Traversal Vulnerability in Tough by AWS Labs

CVE-2026-6968

AwsTough7.1HIGH

Metadata Integrity Vulnerability in Awslabs Tough Product

CVE-2026-6967

AwsTough7.1HIGH

Signature Verification Flaw in Tough by AWS Labs

CVE-2026-6966

AwsTough7HIGH

Improper Attribute Modification in AWS Ops Wheel Affects Cognito User Pools

CVE-2026-6912

AwsAws Ops Wheel8.7HIGH

JWT Vulnerability in AWS Ops Wheel Allows Unauthorized Access

CVE-2026-6911

AwsAws Ops Wheel9.3CRITICAL

Command Injection Vulnerability in AWS MCP Server by Amazon

CVE-2026-5059

Aws-mcp-serverAws-mcp-server9.8CRITICAL

Command Injection Vulnerability in AWS MCP Server

CVE-2026-5058

Aws-mcp-serverAws-mcp-server9.8CRITICAL

Out-of-Bounds Write Vulnerability in Amazon Firecracker

CVE-2026-5747

AwsFirecracker8.7HIGH

Remote Code Execution Flaw in AWS Research and Engineering Studio

CVE-2026-5709

AwsResearch And Engineeri...7.7HIGH

Privilege Escalation Issue in AWS Research and Engineering Studio

CVE-2026-5708

AwsResearch And Engineeri...8.7HIGH

Vulnerability Published:

Sort By:

10 June 2026

OS Command Injection in NodejsFunction Bundling in aws-cdk-lib

8 June 2026

Code injection via improper triple-quote escaping in AgentCore CLI Bedrock Agent import

5 June 2026

Privilege Escalation in AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL

Privilege Escalation in AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL

2 June 2026

HTTP Fallback Vulnerability in Graph Explorer by AWS

Insufficient Access Control in Amazon Kiro IDE

28 May 2026

Improper Certificate Validation in ExAws SNS by ExAws

22 May 2026

Insecure Deserialization Vulnerability in Amazon Braket SDK by AWS

Input Validation Flaw in Kiro CLI Tool by Kiro

20 May 2026

Remote File Read Vulnerability in RabbitMQ AWS Plugin by Amazon

18 May 2026

Code Execution Vulnerability in Amazon Redshift Python Driver by AWS

30 April 2026

Improper Input Handling in Amazon ECS Agent on Windows

29 April 2026

Integer Underflow Vulnerability in FreeRTOS Product by Amazon

Insufficient Packet Validation in FreeRTOS-Plus-TCP from AWS

27 April 2026

Arbitrary Code Execution Vulnerability in Qnabot-on-AWS by AWS

24 April 2026

Path Traversal Vulnerability in Tough by AWS Labs

Metadata Integrity Vulnerability in Awslabs Tough Product

Signature Verification Flaw in Tough by AWS Labs

Improper Attribute Modification in AWS Ops Wheel Affects Cognito User Pools

JWT Vulnerability in AWS Ops Wheel Allows Unauthorized Access

11 April 2026

Command Injection Vulnerability in AWS MCP Server by Amazon

Command Injection Vulnerability in AWS MCP Server

7 April 2026

Out-of-Bounds Write Vulnerability in Amazon Firecracker

6 April 2026

Remote Code Execution Flaw in AWS Research and Engineering Studio

Privilege Escalation Issue in AWS Research and Engineering Studio