Out-of-Bounds Write Vulnerability in Amazon Athena ODBC Driver
CVE-2026-35559

7.1HIGH

Key Information:

Vendor

Amazon

Status
Amazon Athena Odbc Driver
Vendor
CVE Published:
3 April 2026

What is CVE-2026-35559?

An out-of-bounds write vulnerability has been identified in the query processing components of the Amazon Athena ODBC driver. This flaw, present in versions prior to 2.1.0.0, may allow a threat actor to disrupt the functioning of the driver by sending specially crafted data during query operations. Users are advised to upgrade to version 2.1.0.0 to mitigate the risk associated with this vulnerability.

Affected Version(s)

Amazon Athena ODBC driver 2.1.0.0

References

https://aws.amazon.com/security/security-bulletins/2026-0...
vendor-advisory
https://downloads.athena.us-east-1.amazonaws.com/drivers/...
patch
https://downloads.athena.us-east-1.amazonaws.com/drivers/...
patch

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.