Denial of Service Vulnerability in Amazon Athena ODBC Driver by AWS
CVE-2026-35562

8.7HIGH

Key Information:

Vendor

Amazon

Status
Amazon Athena Odbc Driver
Vendor
CVE Published:
3 April 2026

What is CVE-2026-35562?

The Amazon Athena ODBC driver prior to version 2.1.0.0 is susceptible to a vulnerability that allows attackers to exploit improper resource allocation during parsing operations. By supplying specially crafted input, a malicious actor can orchestrate a denial of service attack, leading to excessive consumption of system resources and potential disruption of service. To mitigate this risk, it is crucial for users to upgrade to the latest version 2.1.0.0.

Affected Version(s)

Amazon Athena ODBC driver 2.1.0.0

References

https://downloads.athena.us-east-1.amazonaws.com/drivers/...
patch
https://downloads.athena.us-east-1.amazonaws.com/drivers/...
patch
https://downloads.athena.us-east-1.amazonaws.com/drivers/...
patch

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.