{"total":72,"page":1,"count":50,"advisories":[{"id":"d2b38106-fc4b-4368-bee2-fef4e1cd5c40","num":170108,"source_id":"aws","external_id":"1a720ff5e3d8d49c6ed341d954af78287387c967","title":"CVE-2026-14904 - Improper Link Resolution in Auth.GetUserPrivateKey in AWS Research and Engineering Studio","summary":"Bulletin ID: 2026-053-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/07/2026 09:45 AM PDT Description: AWS Research and Engineering Studio (RES) is an open-source solution that enables researchers and engineers to create and manage secure virtual desktops and computing resources on AWS. We identified an improper link resolution before file access issue (CWE-59) in the Auth.GetUserPrivateKey API. An authenticated remote user could read arbitrary files on the cluster-manager EC2 instance by replacing their SSH private key file (~/.ssh/id_rsa) with a symbolic link targeting any file on the host. Because the cluster-manager process runs as root, any file readable by root is exposed, including other users' SSH private keys and application configuration secrets. Impacted versions: <=2026.03 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-053-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-14904"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T21:39:56+00:00"},{"id":"d11a12f8-c839-49cc-b98d-8f5b06e51b44","num":170117,"source_id":"aws","external_id":"28e9a8abacb1b7906538e9662e6798872a2591c8","title":"CVE-2026-14471 - Authenticated SQL injection in the metrics-service retention policy subsystem of mcp-gateway-registry","summary":"Bulletin ID: 2026-052-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/06/2026 13:45 PM PDT Description: Amazon mcp-gateway-registry is an open-source gateway and registry for Model Context Protocol (MCP) servers, providing centralized discovery, authentication/authorization, and proxying of MCP tools for AI agents. We identified CVE-2026-14471, an issue in the metrics-service retention policy management component where a caller-supplied table_name value is interpolated into SQL statements in identifier position without proper neutralization. An authenticated remote user is able to supply a crafted table_name value to execute arbitrary SQL queries against the metrics database. This allows the user to read stored data (including API key material) and to delete or alter stored data. Impacted versions: >=1.0.3 AND <=1.0.12 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-052-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-14471"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T20:50:20+00:00"},{"id":"ebb8170b-134c-4c8d-bd4a-77089442936d","num":170104,"source_id":"aws","external_id":"49d6733217ac515765364c34b108e5ae6d6c24eb","title":"CVE-2026-14265- Deserialization of Untrusted Data in AWS Advanced JDBC Wrapper RemoteQueryCachePlugin","summary":"Bulletin ID: 2026-051-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/01/2026 12:45 PM PDT Description: The AWS Advanced JDBC Wrapper is an open-source JDBC driver wrapper that extends a JDBC driver to enable Amazon Aurora and AWS Cloud features such as failover handling and caching. We identified CVE-2026-14265, an issue in the RemoteQueryCachePlugin of the AWS Advanced JDBC Wrapper. When this plugin is enabled, query results read from the shared Redis/Valkey cache are deserialized without class filtering. An actor with write access to the shared cache infrastructure could insert a crafted serialized Java object that, when read by an application, results in execution of arbitrary code on the application server. Impacted versions: >=3.3.0 AND <=4.0.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-051-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-14265"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T19:40:00+00:00"},{"id":"e3b8bcf3-6323-411d-9742-261be616ae31","num":170096,"source_id":"aws","external_id":"d58fecee6b38a183b80251dccd4c11c85db2b3ca","title":"CVE-2026-13760 - OS Command Injection in NodejsFunction Docker Bundling in aws-cdk-lib","summary":"Bulletin ID: 2026-050-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/01/2026 12:15 PM PDT Description: AWS CDK (aws-cdk-lib) is an open-source framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. We identified CVE-2026-13760, an OS command injection issue in the NodejsFunction Docker bundling pipeline in aws-cdk-lib before 2.260.0 that could allow an actor who controls dependency version strings in a project's package.json file to execute arbitrary commands on the host running the CDK toolchain via injected shell metacharacters in the OsCommand helper. This issue requires the actor to control the content of a package.json dependency version string that is processed during Docker-based bundling with nodeModules specified. Impacted versions: < 2.260.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-050-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-13760"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T19:09:41+00:00"},{"id":"0454f2d5-6a49-43ba-b83d-a3d57fb60b01","num":170071,"source_id":"aws","external_id":"b45733c9486599cf4534d3023945b89e54f31012","title":"CVE-2026-13769 – Insecure file permissions in AWS CLI","summary":"Bulletin ID: 2026-049-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/01/2026 11:45 AM PDT Description: The AWS Command Line Interface (AWS CLI) is a unified tool for managing AWS services from the command line. We identified CVE-2026-13769 in AWS CLI on Unix-like systems where the umask has not been configured to restrict file permissions (the default on most systems) wrote credential and configuration files with world-readable permissions, which allows other local users on the same host to read credentials. Impacted versions: <=1.44.77 (v1) AND <=2.34.28 (v2) Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-049-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-13769"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T18:45:24+00:00"},{"id":"3b220f0f-6b87-463b-b2ea-17b9806fa7d7","num":170067,"source_id":"aws","external_id":"f4124d5ef763ac66641d7a85dd28007cd8759e86","title":"CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF","summary":"Bulletin ID: 2026-048-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/29/2026 11:15 PM PDT Description: AWS WAF is a web application firewall that monitors the HTTP(S) requests that are forwarded to your protected web application resources. We identified CVE-2026-13762 and CVE-2026-13763, which are issues affecting HTTP/2 multi-frame request body inspection by AWS WAF. CVE-2026-13762 affects AWS WAF deployment with CloudFront. This issue was remediated server-side; no customer action is required. CVE-2026-13763 affects AWS WAF deployment with AWS Application Load Balancer (ALB). Under certain conditions, a crafted multi-frame HTTP/2 request could cause only a partial request body to be inspected. This issue has been addressed on ALB, and customers can ensure full protection by configuring how AWS WAF inspects HTTP/2 request bodies on their ALB. Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-048-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-13762","CVE-2026-13763"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T20:07:32+00:00"},{"id":"1a8330c8-a47c-464a-9548-21cf85829bfb","num":170072,"source_id":"aws","external_id":"d33a216474b1f059f63b09ec5274d2b7cec37b56","title":"CVE-2026-12957 and CVE-2026-12958 - Issues in Language Servers for AWS and Amazon Q Developer Plugins","summary":"Bulletin ID: 2026-047-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/23/2026 09:30 AM PDT Description: Language Servers for AWS provide the underlying language-server runtime that powers Amazon Q Developer's AI coding assistance across its IDE plugins (Visual Studio Code, JetBrains, Eclipse, and Visual Studio). We identified CVE-2026-12957, an improper trust boundary enforcement issue in Language Servers for AWS before version 1.65.0. If a local user opens a maliciously crafted workspace, any commands within the project configuration files may be automatically executed. This issue requires the user to trust the workspace when prompted. We identified CVE-2026-12958, a missing symlink-validation issue in Language Servers for AWS before version 1.69.0. This may occur when a local user opens a workspace with a maliciously crafted symlink that resolves to a file path outside the workspace trust boundary. These issues affect the Amazon Q Developer IDE plugins, which bundle Language Servers for AWS. Both issues are remediated in Language Servers for AWS version 1.69.0. Affected products & versions: - Language Servers for AWS: < 1.69. - Amazon Q Developer for Visual Studio Code: < 2.20 - Amazon Q Developer for JetBains: < 4.3 - Amazon Q Developer for Eclipse: < 2.7.4 - AWS Toolkit with Amazon Q for Visual Studio: < 1.94.0.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-047-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-12957","CVE-2026-12958"],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T16:11:40+00:00"},{"id":"28847c10-0ed6-40d4-908b-0acbec85b8d8","num":170080,"source_id":"aws","external_id":"fffdfafbdb7d63bb1f47888b9cd09eb3bf7a24bc","title":"Issue with containerd CRI Plugin - CVE-2026-50195, CVE-2026-53488, CVE-2026-53492, CVE-2026-53489, CVE-2026-47262","summary":"Bulletin ID: 2026-046-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/18/2026 17:30 PM PDT Description: containerd is an open-source container runtime used by Kubernetes via the Container Runtime Interface (CRI) plugin. It underpins AWS managed container services including Amazon Elastic Kubernetes Service (Amazon EKS), Amazon Elastic Container Service (Amazon ECS), AWS Fargate, Bottlerocket, and Amazon Linux. AWS identified five issues in the containerd CRI plugin affecting versions 1.7 through 2.3. - CVE-2026-50195 (GHSA-cvxm-645q-p574) - CRI checkpoint import, local image tag poisoning - CVE-2026-53488 (GHSA-xhf5-7wjv-pqxp) - image-config LABEL -> host-root command exec - CVE-2026-53492 (GHSA-33vj-92qq-66hc) - CDI annotation smuggling during checkpoint restore - CVE-2026-53489 (GHSA-rgh6-rfwx-v388) - arbitrary host file read via symlink in checkpoint restore - CVE-2026-47262 (GHSA-jpcc-p29g-p8mq) - image-triggered runtime DoS Impacted versions: containerd 1.7, 2.0, 2.1, 2.2, 2.3 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-046-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-50195","CVE-2026-53488","CVE-2026-53492","CVE-2026-53489","CVE-2026-47262"],"exploited":false,"has_exploit":false,"published_at":"2026-06-19T00:29:27+00:00"},{"id":"df2faf99-5cd4-40dc-bd12-b5d11bd39a53","num":170111,"source_id":"aws","external_id":"7b1a16d63febf24ec5b9ccc7173de95770d15eed","title":"CVE-2026-12530 - Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()","summary":"Bulletin ID: 2026-044-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/17/2026 14:15 PM PDT Description: The AWS Bedrock AgentCore Python SDK (bedrock-agentcore) is an open-source SDK that enables developers to build, deploy, and manage agents on AWS Bedrock AgentCore. We identified CVE-2026-12530, an issue in the install_packages() method of the Code Interpreter client. The method applied an incomplete blocklist to sanitize package name arguments before constructing a 'pip install' shell command executed within the Code Interpreter sandbox. This allowed crafted package name arguments to bypass validation ‐ most critically, pip's '‐‐index‐url' flag, which could redirect package resolution to an third‐party‐controlled PyPI server, and the '-r' flag, which could read and expose arbitrary sandbox files. Impacted versions: AWS Bedrock AgentCore Python SDK (bedrock-agentcore) versions >= 1.1.3 and < 1.6.1 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-044-aws/","severity":"critical","cvss":null,"cves":["CVE-2026-12530"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T21:16:00+00:00"},{"id":"ba94cd13-e0a5-4c4c-b620-fb36107ece52","num":170084,"source_id":"aws","external_id":"bcf0b26cc032803ea5a8671f95888b84bad4e08b","title":"CVE-2026-11931 - Insecure Permissions on Authentication Token Cache File in Kiro IDE","summary":"Bulletin ID: 2026-045-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/15/2026 11:45 AM PDT Description: Kiro IDE is an agentic development environment that makes it easy for developers to ship real engineering work with the help of AI agents. We identified CVE-2026-11931, where incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions (0644) instead of owner-restricted permissions (0600). Impacted versions: < 0.11.133 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-045-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-11931"],"exploited":false,"has_exploit":false,"published_at":"2026-06-15T18:41:08+00:00"},{"id":"04808f2e-0b07-4681-b446-b20309dc3cf5","num":170101,"source_id":"aws","external_id":"fe3f111309aa77103f632e1b0783574b4c3d67c0","title":"CVE-2026-12043 - Heap double-free in AWS Common Runtime aws-c-http","summary":"Bulletin ID: 2026-043-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/12/2026 11:45 AM PDT Description: AWS Common Runtime aws-c-http is a HTTP client library used by AWS SDKs for handling http requests to AWS services. We identified CVE-2026-12043, an issue where improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted sequence of HTTP/2 HEADERS frames. Impacted versions: aws-c-http >= 0.4.22 AND <= 0.10.15 Exposed in following sdk versions: - aws-sdk-cpp >= 1.11.41, <= 1.11.814 - aws-sdk-java-v2 >= 2.44.27, <= 2.44.14 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-043-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-12043"],"exploited":false,"has_exploit":false,"published_at":"2026-06-12T18:48:49+00:00"},{"id":"a20c145f-a3ce-4cc7-9875-e0643c50a5b5","num":170130,"source_id":"aws","external_id":"f1ec681509fa863c47d21c3469eb59f996a89c38","title":"CVE-2026-10740 - Excessive memory allocation in s2n-quic","summary":"Bulletin ID: 2026-042-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/10/2026 11:15 AM PDT Description: s2n-quic is a Rust implementation of the QUIC protocol. We identified CVE-2026-10740, an issue of unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.82.0. An unauthenticated user can attempt to exhaust server memory on an s2n-quic endpoint by sending crafted CRYPTO frames with high offsets. The buffer used for processing CRYPTO frames does not enforce a maximum size. In the worst case, a single 1200-byte packet can cause approximately 9.4 MB of allocation. By repeatedly sending such packets, the resulting memory pressure could cause denial of service. No valid handshake is required. Impacted versions: < v1.82.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-042-aws/","severity":"high","cvss":null,"cves":["CVE-2026-10740"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T18:15:57+00:00"},{"id":"aa51b97b-5894-4530-9e7a-f34572344f42","num":170120,"source_id":"aws","external_id":"6ca7b46a440f328c884abec4d2e1826e63e1a2cb","title":"CVE-2026-10740 - Excessive memory allocation in s2n-quic","summary":"Bulletin ID: 2026-041-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/10/2026 10:45 AM PDT Description: AWS CDK (aws-cdk-lib) is an open-source framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. We identified CVE-2026-11417, an OS command injection issue in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 (2.246.0 on Windows) that may allow an actor who controls the value of one or more bundling properties (externalModules, define, loader, inject, or esbuildArgs) to execute arbitrary commands on the host running the CDK toolchain via injected shell metacharacters. This issue requires the actor to control the value of one or more of the affected bundling properties in the CDK application. Impacted versions: < 2.245.0 (on Windows, < 2.246.0) Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-041-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-10740","CVE-2026-11417"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T17:51:59+00:00"},{"id":"d7120ed1-8bcf-4b79-ad34-e1ed8e370e62","num":170126,"source_id":"aws","external_id":"9a41b86d4d6786ee42ba514d571f1bab09e58cf3","title":"CVE-2026-11393 - Code Injection via Improper Triple-Quote Escaping in AgentCore CLI Bedrock Agent Import","summary":"Bulletin ID: 2026-040-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/08/2026 11:45 AM PDT Description: The AWS AgentCore CLI (@aws/agentcore) is a developer tool for managing agent infrastructure lifecycle on Amazon Bedrock AgentCore. We identified CVE-2026-11393 in which improper neutralization of triple-quote characters during Python code generation may allow an authenticated user in the same AWS account to inject arbitrary Python code into the source file generated by the \"agentcore add agent ‐‐type import\" command. Specifically, the collaborationInstruction field of a Bedrock Agent collaborator association was interpolated into a triple-quoted Python docstring using single-quote escaping rather than triple-quote escaping. A user with bedrock:AssociateAgentCollaborator IAM permission could craft a collaborationInstruction value containing \"\"\" to break out of the docstring boundary in the generated main.py of the imported agent. If that generated file was subsequently executed - either via agentcore dev on the developer's local machine, or via agentcore deploy followed by agentcore invoke in the AgentCore Runtime environment - the injected Python would run with the credentials available in that context. Impacted versions: - @aws/agentcore >= 0.4.0 AND <= 0.14.1 - preview versions >= 0.3.0-preview.7.0 and <= 1.0.0-preview.8 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-040-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-11393"],"exploited":false,"has_exploit":false,"published_at":"2026-06-08T18:54:30+00:00"},{"id":"35f74b7a-fa75-4c25-a532-81e174e5e873","num":170087,"source_id":"aws","external_id":"dfee37aba8054b8e2c08d4e5ff962f9cf620161b","title":"[Redirected] Security Update for Amazon Q Developer Extension for Visual Studio Code (Version #1.84)","summary":"Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/07/23 6:00 PM PDT Updated Date: 2025/07/25 6:00 PM PDT Description: Amazon Q Developer for Visual Studio Code (VS Code) Extension is a development tool that integrates Amazon Q's AI-powered coding assistance directly into the VS Code integrated development environment (IDE). AWS is aware of and has addressed an issue in the Amazon Q Developer for VS Code Extension, which is assigned to CVE-2025-8217. AWS Security has inspected the code and determined the malicious code was distributed with the extension but was unsuccessful in executing due to a syntax error. This prevented the malicious code from making changes to any services or customer environments. We will update this bulletin if we have additional information to share. Affected version: Amazon Q Developer for Visual Studio Code Extension (version 1.84.0)","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-015/","severity":"unknown","cvss":null,"cves":["CVE-2025-8217"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"a3e816f4-cd74-4510-a75e-27e638afb950","num":170069,"source_id":"aws","external_id":"686c213f16536854044ac462bb1cd389260f77c6","title":"Issues with AWS Research and Engineering Studio (RES)","summary":"Bulletin ID: 2026-014-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/06 14:00 PM PDT Description: Research and Engineering Studio (RES) on AWS is an open source, web portal design for administrators to create and manage secure cloud-based research and engineering environments. We have identified the following issues with the AWS Research and Engineering Studio (RES). CVE-2026-5707: Unsanitized input in an OS Command in the virtual desktop session name handling in AWS Research and Engineering Studio (RES) version 2025.03 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands as root on the virtual desktop host via a crafted session name. CVE-2026-5708: Improper control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio (RES) before version 2026.03 might allow an authenticated remote user to escalate privileges and assume the Virtual Desktop Host instance profile permissions and interact with other AWS resources and services via a crafted API request. CVE-2026-5709: Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio (RES) version 2024.10 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands on the cluster-manager EC2 instance via crafted input when using the FileBrowser functionality. Impacted versions: <= 2025.12.01 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-014-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-5707","CVE-2026-5708","CVE-2026-5709"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"9817af21-729e-4f46-8e85-b718cace35e7","num":170073,"source_id":"aws","external_id":"f1b8d4ffd3c46205c7ffa4f3cc2d0c3505fb6e10","title":"Security Findings in SageMaker Python SDK","summary":"Bulletin ID: 2026-004-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/02/02 14:30 PM PST Description: CVE-2026-1777 - Exposed HMAC in SageMaker Python SDK SageMaker Python SDK’s remote functions feature uses a per‑job HMAC key to protect the integrity of serialized functions, arguments, and results stored in S3. We identified an issue where the HMAC secret key is stored in environment variables and disclosed via the DescribeTrainingJob API. This allows third parties with DescribeTrainingJob permissions to extract the key, forge cloud-pickled payloads with valid HMACs, and overwrite S3 objects. CVE-2026-1778 - Insecure TLS Configuration in SageMaker Python SDK SageMaker Python SDK is an open source library for training and deploying machine learning models on Amazon SageMaker. We identified an issue where SSL certificate verification was globally disabled in the Triton Python backend. This configuration was introduced to work around SSL errors during model downloads from public sources (e.g., TorchVision) and it affected all HTTPS connections when the Triton Python model was imported. Impacted versions: - HMAC Configuration in SageMaker Python SDK v3 < v3.2.0 - HMAC Configuration in SageMaker Python SDK v2 < v2.256.0 - Insecure TLS Configuration in SageMaker Python SDK v3 < v3.1.1 - Insecure TLS Configuration in SageMaker Python SDK v2 < v2.256.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-004-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-1777","CVE-2026-1778"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"bf134fda-7b28-4460-947f-c2b7ba1bc167","num":170081,"source_id":"aws","external_id":"c8cb3a2d26a630fc4c4ff8d17160ee33fa9168d4","title":"CVE-2026-1386 - Arbitrary Host File Overwrite via Symlink in Firecracker Jailer","summary":"Bulletin ID: 2026-003-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/01/23 12:30 PM PST Description: Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services. Firecracker runs in user space and uses the Linux Kernel-based Virtual Machine (KVM) to create microVMs. Each Firecracker microVM is further isolated with common Linux user-space security barriers by a companion program called \"jailer\". The jailer provides a second line of defense in case a user escapes from the microVM boundaries and it is released at each Firecracker version. We are aware of CVE-2026-1386, an issue that is related to the Firecracker jailer, which under certain circumstances can allow an user to overwrite arbitrary files in the host filesystem. AWS services that use Firecracker are not impacted by the issue as we appropriately restrict access to the host and the jailer folder, blocking the preconditions required for the attack to happen. Impacted versions: Firecracker version v1.13.1 and earlier and 1.14.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-003-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-1386"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"03287cc3-c1c5-417c-9cb5-abf4ce423958","num":170082,"source_id":"aws","external_id":"7d1b04c1e7481a2b244ce4edfd29e03c2dd97d1e","title":"CVE-2026-8686 - Heap out-of-bounds read in coreMQTT MQTT5 property parsing","summary":"Bulletin ID: 2026-032-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/15/2026 11:45 AM PDT Description: coreMQTT is a lightweight MQTT client library for embedded devices. We identified CVE-2026-8686, an issue where missing bounds validation in the MQTT v5.0 SUBACK and UNSUBACK property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service (crash via heap out-of-bounds read) by sending a crafted packet. Impacted versions: v5.0.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-032-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-8686"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"0399e258-2d1e-44c7-8bf3-151558b2ecac","num":170085,"source_id":"aws","external_id":"5727e89c281fc4909afe0c542efccc29f06734cd","title":"[Redirected] Memory Dump Issue in AWS CodeBuild","summary":"Bulletin ID: AWS-2025-016 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/07/25 6:00 PM PDT Description: AWS CodeBuild is a fully managed on-demand continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. Security researchers reported a CodeBuild issue that could be leveraged for unapproved code modification absent sufficient repository controls and credential scoping. The researchers demonstrated how a threat actor could submit a Pull Request (PR) that, if executed through an automated CodeBuild build process, could extract the source code repository (e.g. GitHub, BitBucket, or GitLab) access token through a memory dump within the CodeBuild build environment. If the access token has write permissions, the threat actor could commit malicious code to the repository. This issue is present in all regions for CodeBuild. During our investigation, we identified this technique was leveraged by a threat actor who extracted the source code repository access token for the AWS Toolkit for Visual Studio Code and AWS SDK for .NET repositories. We have assigned CVE-2025-8217 for this, please refer to the AWS Security Bulletin AWS-2025-015 for additional information. Source code repository credentials are required in CodeBuild to access repository content, create webhooks for automated builds, and execute the build on your behalf. If a PR submitter obtains CodeBuild's repository credentials, they could gain elevated permissions beyond their normal access level. Depending on the permissions customers grant in CodeBuild, these credentials might allow elevated privileges like webhook creation, which CodeBuild requires to integrate with source code repositories and set up automated builds, or commit code to the repository. To determine if this issue was leveraged by an untrusted contributor, we recommend reviewing git logs, e.g. GitHub logs, and look for anomalous activity of the crede","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-016/","severity":"unknown","cvss":null,"cves":["CVE-2025-8217"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"0b995841-b9c2-44e2-a3c9-b83a33260097","num":170090,"source_id":"aws","external_id":"25fb7e5c3c2827b7e4e50acfcfe32b2d29fdcc26","title":"CVE-2026-7191- Arbitrary Code Execution via Sandbox Bypass in QnABot on AWS","summary":"Bulletin ID: 2026-020-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/27 13:15 PM PDT Description: QnABot on AWS is an open-source solution that provides a multi-channel, multi-language conversational interface powered by Amazon Lex, Amazon OpenSearch Service, and optionally Amazon Bedrock. We identified CVE-2026-7191, where the improper use of the static-eval npm package may allow an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context. By injecting a crafted conditional chaining expression via the Content Designer interface, an actor with Admin access could bypass the intended expression sandbox through JavaScript prototype manipulation. Successful exploitation may grant direct access to backend resources, including Lambda environment variables, OpenSearch indices, S3 objects, and DynamoDB tables, that are not exposed through normal administrative interfaces. Impacted versions: <=7.2.4 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-020-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-7191"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"fa7dbe00-acac-4dbf-9931-e964e297cacc","num":170078,"source_id":"aws","external_id":"a279f7f12d03f9614859cfa63f6cf79efe097503","title":"Fragnesia Local Privilege Escalation report via ESP-in-TCP in the Linux Kernel","summary":"Bulletin ID: 2026-029-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/13/2026 18:45 PM PDT This is an ongoing issue. Information is subject to change. Please refer to our Security Bulletin (ID: 2026-030-AWS) for the most updated patching information. Description: Amazon is aware of CVE-2026-46300, a report of an additional privilege escalation issue in the Linux kernel related to the DirtyFrag, copy.fail class of issues (CVE-2026-43284). The proof of concept uses a vector via the loadable module espintcp. Amazon Linux does not provide this module, and is not affected. As defense in depth we will include a correctness patch to the core networking code to harden against possible similar issues in network protocol implementations that rely on this behavior.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-029-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-46300","CVE-2026-43284"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"51d63ada-4db7-44e9-8d05-3506f9cd92a0","num":170106,"source_id":"aws","external_id":"3635024096b3b73d8fc9429563016dc326ab107f","title":"Dirty Frag and other issues in Amazon Linux kernels","summary":"Bulletin ID: 2026-027-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/05/07 19:45 PM PDT Description: Amazon is aware of a class of issues in the Linux kernel related to the original issue (CVE-2026-31431). The issues commonly referred to as \"DirtyFrag\" are present in a number of loadable modules, including xfrm_user/esp4/esp6 and ipcomp4/ipcomp6. On systems that allow unprivileged users to create sockets directly or through CAP_NET_ADMIN, or allow the creation of unprivileged user namespaces (user+net), an actor may gain access to kernel memory and thus escalate their privileges. Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-027-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-31431"],"exploited":true,"has_exploit":true,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"ea346981-34e4-4114-8168-35859a556c64","num":170131,"source_id":"aws","external_id":"c8a2546a619c4d3235fb3107e7c8681d4ac56f1c","title":"Issue with FreeRTOS-Plus-TCP - IPv6 Router Advertisement Memory Safety Issues","summary":"Bulletin ID: 2026-023-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/29 12:30 PM PDT Description: FreeRTOS-Plus-TCP is an open source TCP/IP stack implementation designed for FreeRTOS, providing a standard Berkeley sockets interface and support for essential networking protocols including IPv6, ARP, DHCP, DNS, and Router Advertisement (RA). We identified CVE-2026-7425 and CVE-2026-7426, one of them being out-of-bounds read and another one being out-of-bounds write issues respectively in the IPv6 Router Advertisement option parser where insufficient validation of length fields allows memory operations without proper bounds checking. Either issue can be exploited by any device on the local network that can send crafted Router Advertisement packets. No authentication or user interaction is required. Impacted versions: >=V4.0.0 AND <=V4.2.5, >=V4.3.0 AND <=V4.4.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-023-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-7425","CVE-2026-7426"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"2aa866bf-5e2a-4e43-9534-b9f1bd7113e6","num":170118,"source_id":"aws","external_id":"9958b2c9fb3947698090a8fa7830d86f135f42cb","title":"Privilege Escalation in Aurora PostgreSQL using AWS JDBC Wrapper, AWS Go Wrapper, AWS NodeJS Wrapper, AWS Python Wrapper, AWS PGSQL ODBC driver","summary":"Bulletin ID: AWS-2025-028 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/11/10 10:15 AM PDT Description: Amazon Aurora PostgreSQL a fully managed relational database engine that's compatible with PostgreSQL. We identified CVE-2025-12967, an issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. Impacted versions: - AWS JDBC Wrapper <2.6.5 - AWS Go Wrapper <2025-10-17 - AWS NodeJS Wrapper <2.0.1 - AWS Python Wrapper <1.4.0 - AWS ODBC driver <1.0.1","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-028/","severity":"low","cvss":null,"cves":["CVE-2025-12967"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"9e596d58-5705-4ae5-a57f-31654eaa6e9d","num":170133,"source_id":"aws","external_id":"f6b021e86198d0f7fe16365ace513c01c51d0110","title":"Issues in tough library and tuftool CLI utility","summary":"Bulletin ID: 2026-019-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/24 13:30 AM PDT Description: Multiple security issues have been identified in the tough library and tuftool CLI utility. tough is a Rust library used for generating, signing, and managing TUF (The Update Framework) repositories, and tuftool is the command-line interface for repository management Operations. The following issues have been identified: - CVE-2026-6966 - CVE-2026-6967 - CVE-2026-6968 Impacted versions: - tough: versions 0.1.0 through 0.21.x (inclusive) - tuftool: versions 0.1.0 through 0.14.x (inclusive) Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-019-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-6966","CVE-2026-6967","CVE-2026-6968"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"f23170f6-8fcd-4e9c-b254-328c2051b8eb","num":170135,"source_id":"aws","external_id":"c20d7f16c2530ecbc837cd0c9a0270e0c514120a","title":"CVE-2026-10591 - Kiro IDE Insufficient File Write Restrictions to Execution-Sensitive Paths","summary":"Bulletin ID: 2026-037-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/02/2026 08:45 AM PDT Description: Kiro is an agentic IDE users install on their desktop. We identified CVE-2026-10591. Insufficient access control restrictions in the file write tool in Kiro IDE prior to version 0.11 might allow remote unauthenticated actors to execute arbitrary commands via crafted instructions that cause writes to execution-sensitive paths (such as .vscode/tasks.json), enabling auto-execution on folder open. Impacted versions: <0.11 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-037-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-10591"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"c7f3b75d-a91b-49b3-84da-c1cf80f6d7bd","num":170127,"source_id":"aws","external_id":"3dd3140cdedc2c648ce55943f7b5e4f46abf77bf","title":"CVE-2026-4428: Issues with AWS-LC - CRL Distribution Point Scope Check Logic Error","summary":"Bulletin ID: 2026-010-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/03/19 13:30 PM PDT Description: AWS-LC is a general-purpose cryptographic library maintained by AWS. We identified CVE-2026-4428 affecting X.509 certificate verification. A logic error in the CRL (Certificate Revocation List) distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs with Issuing Distribution Point (IDP) extensions. Applications that do not enable CRL checking (X509_V_FLAG_CRL_CHECK) are not affected. Applications using complete (non-partitioned) CRLs without IDP extensions are also not affected. Impacted versions: - CRL Distribution Point Scope Check Logic Error in AWS-LC >= v1.24.0, < v1.71.0 - CRL Distribution Point Scope Check Logic Error in AWS-LC-FIPS >= AWS-LC-FIPS-3.0.0, < AWS-LC-FIPS-3.3.0 - CRL Distribution Point Scope Check Logic Error in aws-lc-sys >= v0.15.0, < v0.39.0 - CRL Distribution Point Scope Check Logic Error in aws-lc-fips-sys >= v0.13.0, < v0.13.13 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-010-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-4428"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"cbc3183b-fca1-4d65-b728-6bbdb6ecad1c","num":170128,"source_id":"aws","external_id":"3477edbcca031da35fbbce7c5a52812b78aa1b1e","title":"CVE-2026-5429 - Kiro IDE Webview Cross-Site Scripting via Workspace Color Theme","summary":"Bulletin ID: 2026-012-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/02 11:30 AM PDT Description: Kiro IDE is an agentic development environment that makes it easy for developers to ship real engineering work with the help of AI agents. We identified CVE-2026-5429, where unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote unauthenticated threat actor to execute arbitrary code via a maliciously crafted color theme name when a local user opens the workspace. This issue requires the user to trust the workspace when prompted. Impacted versions: < 0.8.140 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-012-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-5429"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"cfe1e1d3-aef2-41a1-aa78-80613d6797dd","num":170075,"source_id":"aws","external_id":"1a4b49449fb810d419ae9d00d27aa731252ca7e5","title":"CVE-2026-7424 - Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Plus-TCP","summary":"Bulletin ID: 2026-022-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/29 12:20 PM PDT Description: FreeRTOS-Plus-TCP is an open-source, scalable TCP/IP stack for FreeRTOS. We identified CVE-2026-7424, where an integer underflow issue in the DHCPv6 sub-option parser could allow an adjacent network user to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (IP task freeze requiring hardware reset). Impacted versions: FreeRTOS-Plus-TCP >=V4.0.0 AND <=V4.2.5, >=V4.3.0 AND <= V4.4.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-022-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-7424"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"40e9fc10-d1e4-47ed-9090-c920e39984ff","num":170077,"source_id":"aws","external_id":"da02a927d0e5392bf9f60102197e1d89f62a6c72","title":"CVE-2026-11400 and CVE-2026-11401","summary":"Bulletin ID: 2026-039-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/025/2026 12:15 PM PDT Description: Amazon Aurora PostgreSQL a fully managed relational database engine that's compatible with PostgreSQL. We identified CVE-2026-11400(JDBC) and CVE-2026-11401(Go), an issue in AWS Wrappers for Amazon Aurora PostgreSQL will allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. Impacted versions: - AWS Advanced JDBC Wrapper >=3.0.0 and < 4.0.1 - AWS Advanced Go Wrapper release 2026-04-06 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-039-aws/","severity":"low","cvss":null,"cves":["CVE-2026-11400","CVE-2026-11401"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"52c251eb-1c4b-4a47-b233-6ed2534c0f91","num":170083,"source_id":"aws","external_id":"c220fb45f66465dca7d87688fd495aa41bd8e29f","title":"CVE-2026-8178 - Remote Code Execution via Unsafe Class Loading in Amazon Redshift JDBC Driver","summary":"Bulletin ID: 2026-028-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/05/08 11:30 AM PDT Description: Amazon Redshift JDBC Driver is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces (APIs). We identified an issue in Amazon Redshift JDBC Driver versions prior to 2.2.2. Under certain conditions, the driver could load and execute arbitrary classes when processing JDBC connection URL parameters. An actor who can influence the connection URL could potentially execute code in the application context. Impacted versions: Amazon Redshift JDBC Driver < 2.2.2 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-028-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-8178"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"58b4c32b-b316-4dc9-a2cd-b51ecf2b6a4e","num":170110,"source_id":"aws","external_id":"2b8fabf2c3c0de6402207096d18d9a4e9e3eb7a6","title":"CVE-2026-9133 - Arbitrary file read in rabbitmq-aws plugin","summary":"Bulletin ID: 2026-034-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/20/2026 12:45 PM PDT Description: rabbitmq-aws is a RabbitMQ plugin that resolves AWS ARNs in broker configuration at startup, fetching secrets (e.g., TLS certificates, private keys, passwords) from AWS services (Secrets Manager, S3, ACM Private CA) and passing them in-memory to RabbitMQ. We identified CVE-2026-9133, an active debug code issue in the plugin's ARN resolver. A debug ARN scheme (arn:aws-debug:file) accepted by the PUT /api/aws/arn/validate validation endpoint might allow remote authenticated users to perform arbitrary file reads on any file accessible to the RabbitMQ process. The debug code was inadvertently shipped in production builds with no mechanism to disable it. Impacted versions: >=0.1.0, <=0.2.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-034-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-9133"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"abbe0483-5b4f-4bdc-8742-628c27c18b8d","num":170124,"source_id":"aws","external_id":"dae36683a23c5be1d2a2ba15597291a12fc03766","title":"CVE-2026-10584 - HTTPS Fallback to HTTP in Graph Explorer","summary":"Bulletin ID: 2026-038-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/02/2026 12:15 PM PDT Description: Graph Explorer is an open source application that provides visualization and exploration of data in graph databases such as Amazon Neptune. We identified CVE-2026-10584 where, under certain circumstances, the server silently falls back to HTTP when HTTPS is enabled but certificates are unavailable, resulting in cleartext transmission of sensitive information. Impacted versions: >= 1.1.0 AND < 3.0.1 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-038-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-10584"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"e341f986-683b-4718-9818-aa5f982411f6","num":170129,"source_id":"aws","external_id":"5568cbf1a700e8a67cd1cbbfe25657eaaf9ae48f","title":"CVE-2026-7791 - Local Privilege Escalation via TOCTOU Race Condition in Amazon WorkSpaces Skylight Agent","summary":"Bulletin ID: 2026-025-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/05/04 15:30 PM PDT Description: Amazon Skylight Workspace Config Service ( slwsconfigservice) is a critical background service within Amazon WorkSpaces that manages system configuration, monitors health, and updates components. We identified CVE-2026-7791 which allows a local non-admin authenticated user to escalate privileges to SYSTEM by exploiting a race condition in the Skylight Workspace Config Service's log file archival process. Impacted versions: < 2.6.2034.0 of the Windows Amazon Skylight Workspace Config Service (slwsconfigservice) Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-025-aws/","severity":"critical","cvss":null,"cves":["CVE-2026-7791"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"8e94836b-b931-4e2d-a9b9-99204b7ccce5","num":170079,"source_id":"aws","external_id":"de232c0690c48585a713a5e249342638401801af","title":"CVE-2026-6437 - Mount Option Injection in Amazon EFS CSI Driver","summary":"Bulletin ID: 2026-016-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/17 11:15 AM PDT Description: The Amazon EFS CSI Driver is a Container Storage Interface driver that allows Kubernetes clusters to use Amazon Elastic File System. We identified CVE-2026-6437, where an actor with PersistentVolume creation privileges can inject arbitrary mount options via two unsanitized fields: the Access Point ID in volumeHandle and the mounttargetip volumeAttribute. In both cases, appending comma-separated values causes the mount utility to parse them as separate mount options. No AWS service is affected. Impacted versions: EFS CSI Driver <&equal; v3.0.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-016-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-6437"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"5de0aaab-b140-47c9-90b0-c4408cb2a17b","num":170086,"source_id":"aws","external_id":"329b7aa3100c17fa3385a8aa0ad1b894d820fcca","title":"Unanchored ACCOUNT_ID webhook filters for CodeBuild","summary":"Bulletin ID: 2026-002-AWS Scope: AWS Content Type: Informational Publication Date: 2026/01/15 07:03 AM PST Description: A security research team identified a configuration issue affecting the following AWS-managed open source GitHub repositories that could have resulted in the introduction of inappropriate code: - aws-sdk-js-v3 - aws-lc - amazon-corretto-crypto-provider - awslabs/open-data-registry Specifically, researchers identified the above repositories' configured regular expressions for AWS CodeBuild webhook filters intended to limit trusted actor IDs were insufficient, allowing a predictably acquired actor ID to gain administrative permissions for the affected repositories. We can confirm these were project-specific misconfigurations in webhook actor ID filters for these repositories and not an issue in the CodeBuild service itself. The researchers carefully demonstrated the potential to commit inappropriate code, through an empty code commit, to one repository and promptly informed AWS Security of their research activity and its potential negative impact. No inappropriate code was introduced to any of the affected repositories during this security research activity, the demonstrated empty code commit to one repository had no impact to any AWS customer environments and did not impact any AWS services or infrastructure. No customer action is required. Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-002-aws/","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"210ce126-2319-4149-a7ae-f2be315a17e5","num":170119,"source_id":"aws","external_id":"9dc84ec94144a9069182e2cd581c9e9f885b660b","title":"CVE-2025-66478: RCE in React Server Components","summary":"Bulletin ID: AWS-2025-030 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/12/03 20:00 PM PST Description: AWS is aware of the recently disclosed CVE-2025-55182 which affects the React Server Flight protocol in React versions 19.0, 19.1, and 19.2, as well as in Next.js versions 15.x, 16.x, Next.js 14.3.0-canary.77 and later canary releases when using App Router. This issue may permit unauthorized remote code execution on affected applications servers. AWS is aware of CVE-2025-66478, which has been rejected as a duplicate of CVE-2025-55182. Customers using managed AWS services are not affected, and no action is required. Customers running an affected version of React or Next.js in their own environments should update to the latest patched versions immediately: - Customers using React 19.x, with Server Functions and RSC Components should update to the latest patched versions 19.0.1, 19.1.2, and 19.2.1 - Customers using Next.js 15-16 with App Router should update to a patched version","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-030/","severity":"unknown","cvss":null,"cves":["CVE-2025-66478","CVE-2025-55182"],"exploited":true,"has_exploit":true,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"c689ea1b-598f-408c-a04d-6f61265259b1","num":170122,"source_id":"aws","external_id":"532523680b7d8fcd583296e57a0eb6f06e971c90","title":"CVE-2026-4270 - AWS API MCP File Access Restriction Bypass","summary":"Bulletin ID: 2026-007-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/03/16 09:15 AM PDT Description: The AWS API MCP Server is an open source Model Context Protocol (MCP) server that enables AI assistants to interact with AWS services and resources through AWS CLI commands. It provides programmatic access to manage your AWS infrastructure while maintaining proper security controls. This server acts as a bridge between AI assistants and AWS services, allowing you to create, update, and manage AWS resources across all available services. The server includes a configurable file access feature that controls how AWS CLI commands interact with the local file system. By default, file operations are restricted to a designated working directory (workdir), but this can be configured to allow unrestricted file system access (unrestricted) or to block all local file path arguments entirely (no-access). We identified CVE-2026-4270: Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client application context. Impacted versions: awslabs.aws-api-mcp-server >= 0.2.14, < 1.3.9 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-007-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-4270"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"f838d2b7-e566-403a-811c-a0702c65a5c8","num":170066,"source_id":"aws","external_id":"4e7bbcc06c6a97bf8689e85f314431510a3ef71e","title":"Ongoing updates on Copy.fail and variants","summary":"Bulletin ID: 2026-030-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/13/2026 10:00 PM PDT This is an ongoing issue. This bulletin will be updated as more information becomes available. Description: AWS is aware of the copy.fail or DirtyFrag class of issues - a set of privilege escalation issues affecting the Linux Kernel. We will update this bulletin as more information becomes available. Please see below for current patching timelines for affected services related to the Copy.fail kernel issue and all its variants. AWS recommends that customers apply all updates addressing these issues as soon as they are available. See more details at Security Bulletin (ID: 2026-030-AWS).","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-030-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-46300","CVE-2026-43284","CVE-2026-31431","CVE-2026-43500"],"exploited":false,"has_exploit":true,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"c31bb2c2-63ed-4a5e-b596-12b0436727b6","num":170068,"source_id":"aws","external_id":"61224a968ee66a71e661f9d9b8eaadb7d3ec76cb","title":"Issue with AWS-LC: an open-source, general-purpose cryptographic library (CVE-2026-3336, CVE-2026-3337, CVE-2026-3338)","summary":"Bulletin ID: 2026-005-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/03/02 14:30 PM PST Description: AWS-LC is an open-source, general-purpose cryptographic library. We identified three distinct issues: - CVE-2026-3336: PKCS7_verify Certificate Chain Validation Bypass in AWS-LC Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the final signer. - CVE-2026-3337: Timing Side-Channel in AES-CCM Tag Verification in AWS-LC Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. - CVE-2026-3338: PKCS7_verify Signature Validation bypass in AWS-LC Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Impacted versions: - PKCS7_verify Certificate Chain Validation Bypass in AWS-LC >= v1.41.0, < v1.69.0 - PKCS7_verify Certificate Chain Validation Bypass in aws-lc-sys >= v0.24.0, < v0.38.0 - Timing Side-Channel in AES-CCM Tag Verification in AWS-LC >= v1.21.0, < v1.69.0 - Timing Side-Channel in AES-CCM Tag Verification in AWS-LC >= AWS-LC-FIPS-3.0.0, < AWS-LC-FIPS-3.2.0 - Timing Side-Channel in AES-CCM Tag Verification in aws-lc-sys >= v0.14.0, < v0.38.0 - Timing Side-Channel in AES-CCM Tag Verification in aws-lc-sys-fips >= v0.13.0, < v0.13.12 - PKCS7_verify Signature Validation bypass in AWS-LC >= v1.41.0, < v1.69.0 - PKCS7_verify Signature Validation bypass in aws-lc-sys >= v0.24.0, < v0.38.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-005-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-3336","CVE-2026-3337","CVE-2026-3338"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"c446011c-3480-400a-b876-b4ff9cbac7f9","num":170094,"source_id":"aws","external_id":"728d2ba7c10946b0abdf5626bdac27dc5f39b67d","title":"CVE-2025-9039 - Issue with Amazon ECS agent introspection server","summary":"Bulletin ID: AWS-2025-018 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/08/14 09:15 PM PDT Description: Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. Amazon ECS container agent provides an introspection API that provides information about the overall state of the Amazon ECS agent and the container instances. We identified CVE-2025-9039, an issue in the Amazon ECS agent. Under certain conditions, this issue could allow an introspection server to be accessed off-host by another instance if the instances are in the same security group or if their security groups allow inbound connections to the introspection server port. This issue does not affect instances where the option to allow off-host access to the introspection server is set to \"false\". Affected versions: ECS Agent versions 0.0.3 through 1.97.0","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-018/","severity":"unknown","cvss":null,"cves":["CVE-2025-9039"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"fe09be3e-ce11-46cc-a0c3-fbe76e68ae58","num":170098,"source_id":"aws","external_id":"a5c7e6133d7e110740c9ac51171cd015965eccab","title":"Buffer Over-read when receiving improperly sized ICMPv6 packets","summary":"Bulletin ID: AWS-2025-023 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/10/10 10:15 PM PDT We identified the following CVEs: CVE-2025-11616 - A Buffer Over-read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. CVE-2025-11617 - A Buffer Over-read when receiving a IPv6 packet with incorrect payload lengths in the packet header. CVE-2025-11618 - An invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. Description: FreeRTOS-Plus-TCP is an open source TCP/IP stack implementation specifically designed for FreeRTOS. The stack provides a standard Berkeley sockets interface and supports essential networking protocols including IPv6, ARP, DHCP, DNS, LLMNR, mDNS, NBNS, RA, ND, ICMP, and ICMPv6. These issues only affect applications using IPv6. Affected versions: v4.0.0 to v4.3.3, if IPv6 support is enabled","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-023/","severity":"unknown","cvss":null,"cves":["CVE-2025-11616","CVE-2025-11617","CVE-2025-11618"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"07974f90-23f8-4ee3-9d8e-81c5ae45c754","num":170099,"source_id":"aws","external_id":"bae22f80e036b03d7bb31f66c2ad9f88acdbfde0","title":"CVE-2025-11573 - Denial of Service issue in Amazon.IonDotnet","summary":"Bulletin ID: AWS-2025-022 Scope: Amazon Content Type: Important (requires attention) Publication Date: 2025/10/09 11:00 PM PDT Description: Amazon.IonDotnet is a library for the Dotnet language that is used to read and write Amazon Ion data. We identified CVE-2025-11573, which describes an infinite loop issue in Amazon.IonDotnet library versions <v1.3.2 that may allow a threat actor to cause a denial of service through a specially crafted text input. As of August 20, 2025, this library has been deprecated and will not receive further updates. Affected versions: <1.3.2","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-022/","severity":"unknown","cvss":null,"cves":["CVE-2025-11573"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"812614fb-f336-456b-bcf9-73087ad6aab1","num":170102,"source_id":"aws","external_id":"64cc4e1e2e83cc933b1f8251318a7d6ad051a45b","title":"IMDS impersonation","summary":"Bulletin ID: AWS-2025-021 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/10/07 01:30 PM PDT Description: AWS is aware of a potential Instance Metadata Service (IMDS) impersonation issue that would lead to customers interacting with unexpected AWS accounts. IMDS, when running on an EC2 instance, runs on a loopback network interface and vends Instance Metadata Credentials, which customers use to interact with AWS Services. These network calls never leave the EC2 instance, and customers can trust that the IMDS network interface is within the AWS data perimeter. When using AWS tools (like the AWS CLI/SDK or SSM Agent) from non-EC2 compute nodes, there is a potential for a third party-controlled IMDS to serve unexpected AWS credentials. This requires the compute node to be running on a network where the third party has a privileged network position. AWS recommends that when using AWS Tools outside of the AWS data perimeter, customers follow the installation and configuration guides (AWS CLI/SDK or SSM Agent) to ensure this issue is mitigated. We also recommend that you monitor for IMDS endpoints that may be running in your on-prem environment to proactively prevent such impersonation issues from a third party. Affected versions: IMDSv1 and IMDSv2","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-021/","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"db5ce81e-dc50-4387-bdbd-4f242285358c","num":170134,"source_id":"aws","external_id":"a834ea4b2799d13f52b4af70bc99a80c38e5bbde","title":"MariaDB Server Audit Plugin Comment Handling Bypass","summary":"Bulletin ID: 2026-006-AWS Scope: AWS Content Type: Informational Publication Date: 2026/03/03 10:15 AM PST Description: Amazon RDS/Aurora is a managed relational database service. We identified CVE-2026-3494. In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen (‐‐) or hash (#) style comments, the statement is not logged. Impacted versions: - MariaDB Server (10.6.24 and prior, 10.11.15 and prior, 11.4.9 and prior, and 11.8.5 and prior) - Amazon Aurora MySQL (2.12.5 and prior, 3.01.0 to 3.04.5, 3.05.1 to 3.10.2, and 3.11.0) - Amazon RDS for MySQL (5.7.44-RDS.20251212 and prior, 8.0.11 to 8.0.44, and 8.4.3 to 8.4.7) - Amazon RDS for MariaDB (10.6.24 and prior, 10.11.4 to 10.11.15, 11.4.3 to 11.4.9, and 11.8.3 to 11.8.5) Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-006-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-3494"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"25840080-72e0-4e54-9815-a4e26503b575","num":170070,"source_id":"aws","external_id":"3fffca4b7fa8004e57ab33f0ed7ae774fa9f5b9a","title":"Issue with FreeRTOS-Plus-TCP - MAC Address Validation Bypass and ICMP Echo Reply Integer Underflow","summary":"Bulletin ID: 2026-021-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/29 12:00 PM PDT Description: FreeRTOS-Plus-TCP is a scalable, open source, and thread-safe TCP/IP stack for FreeRTOS. - CVE-2026-7422: Insufficient packet validation in the IPv4 and IPv6 receive paths allows an adjacent network device to send a packet that bypasses checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the target device's own registered endpoints. - CVE-2026-7423: Integer underflow in the ICMP and ICMPv6 echo reply handlers allows an adjacent network device to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without validating the field is large enough, resulting in a heap out-of-bounds read. Impacted versions: >=V4.0.0 AND <=V4.2.5, >=V4.3.0 AND <=V4.4.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-021-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-7422","CVE-2026-7423"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"8721f1d7-4342-4c47-87b6-f2ed8125b549","num":170074,"source_id":"aws","external_id":"adc7525b5938955eda2cdb34ea4c85fb4a5566a3","title":"Issue with Amazon SageMaker Python SDK - Model artifact integrity verification issues (CVE-2026-8596 & CVE-2026-8597)","summary":"Bulletin ID: 2026-031-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/14/2026 13:00 PM PDT Description: Amazon SageMaker Python SDK is an open-source library for training and deploying machine learning models on Amazon SageMaker. The ModelBuilder component simplifies model deployment by automating model artifact preparation and SageMaker model creation. We identified two issues affecting the model artifact integrity verification mechanism in the ModelBuilder/Serve component: - CVE-2026-8596: We identified a cleartext storage of sensitive information issue in the ModelBuilder/Serve component. When building models using ModelBuilder, the SDK stored an HMAC signing key as a container environment variable (SAGEMAKER_SERVE_SECRET_KEY). This key was returned in plaintext by SageMaker describe APIs (DescribeModel, DescribeEndpointConfig, DescribeModelPackage). A remote authenticated actor with permissions to call these APIs and S3 write access to the model artifact path could extract the key, forge valid integrity signatures for specially crafted model artifacts, and achieve code execution in inference containers. - CVE-2026-8597: We identified a missing integrity verification issue in the Triton inference handler. The Triton handler deserialized model artifacts without performing integrity verification before execution. A remote authenticated actor with S3 write access to the model artifact path could replace model artifacts with a specially crafted pickle payload that would be deserialized without verification, achieving code execution in inference containers. Impacted versions: Amazon SageMaker Python SDK >= v2.199.0 AND <= v2.257.1, >= v3.0.0 AND <= v3.7.1 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-031-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-8596","CVE-2026-8597"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"293d0b4a-d6ef-494b-821a-faa54b193aff","num":170076,"source_id":"aws","external_id":"10f6ffb7af5a1090349062495a6b0a95e21c1c8f","title":"Issues with Amazon Athena ODBC Driver","summary":"Bulletin ID: 2026-013-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/03 13:00 PM PDT Description: The Amazon Athena ODBC driver implements standard ODBC application program interfaces (APIs). The ODBC driver provides access to Amazon Athena from any C/C++ application. The Amazon Athena ODBC driver provides 64-bit ODBC drivers for Windows, Linux and MAC operating systems. We identified the following: - CVE-2026-5485: OS command injection in browser-based authentication component (Linux only, fixed in 2.0.5.1) - CVE-2026-35558: Improper neutralization of special elements in authentication components - CVE-2026-35559: Out-of-bounds write in query processing components - CVE-2026-35560: Improper certificate validation in identity provider connection components - CVE-2026-35561: Insufficient authentication security controls in browser-based authentication components - CVE-2026-35562: Allocation of resources without limits in parsing components Impacted versions: CVE-2026-5485 was addressed in 2.0.5.1 (Linux only). The remaining five (CVE-2026-35558 through CVE-2026-35562) were addressed in version 2.1.0.0 and apply to all supported platforms Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-013-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-5485","CVE-2026-35558","CVE-2026-35559","CVE-2026-35560","CVE-2026-35561","CVE-2026-35562"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"},{"id":"912f55de-1c85-4bf4-8229-df64bcf101f7","num":170088,"source_id":"aws","external_id":"694b3839a0770cac669982a42f3161e15904eece","title":"CVE-2026-8838 - Remote Code Execution in amazon-redshift-python-driver","summary":"Bulletin ID: 2026-033-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/18/2026 13:45 PM PDT Description: amazon-redshift-python-driver is the official Python connector for Amazon Redshift. We identified a code injection issue in versions 2.1.13 and earlier that could allow a rogue server or man-in-the-middle to execute arbitrary code on the client. Impacted versions: <=2.1.13 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-033-aws/","severity":"unknown","cvss":null,"cves":["CVE-2026-8838"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00"}]}