Known Vulnerabilities for products from Amazon
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Amazon".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Amazon can be found at device.report : Amazon
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-61448 json | Not Provided | 2026-07-11 | 2026-07-11 | |
| CVE-2026-53961 json | Not Provided | 2026-07-09 | 2026-07-10 | |
| CVE-2026-53034 json | Not Provided | 2026-06-24 | 2026-06-24 | |
| CVE-2026-50196 json | Not Provided | 2026-06-17 | 2026-06-18 | |
| CVE-2026-42526 json | Not Provided | 2026-05-19 | 2026-05-19 | |
| CVE-2026-42196 json | Not Provided | 2026-05-12 | 2026-05-13 | |
| CVE-2026-42193 json | Not Provided | 2026-05-08 | 2026-05-11 | |
| CVE-2026-35562 json | Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a th... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35561 json | Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver bef... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35560 json | Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 mi... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35559 json | Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35558 json | Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 migh... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-15296 json | Not Provided | 2026-07-10 | 2026-07-10 | |
| CVE-2026-14471 json | Not Provided | 2026-07-06 | 2026-07-07 | |
| CVE-2026-14265 json | Not Provided | 2026-07-01 | 2026-07-02 | |
| CVE-2026-13763 json | Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer with AWS WAF enabled might allow remote actor... | Not Provided | 2026-06-29 | 2026-07-01 |
| CVE-2026-13762 json | Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront with AWS WAF enabled might allow remote actors to bypass ... | Not Provided | 2026-06-29 | 2026-07-01 |
| CVE-2026-10591 json | Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote una... | Not Provided | 2026-06-02 | 2026-06-05 |
| CVE-2026-9255 json | Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute... | Not Provided | 2026-05-22 | 2026-06-04 |
| CVE-2026-7461 json | Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon EC... | Not Provided | 2026-04-30 | 2026-05-05 |
Known software with vulnerabilities from Amazon
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Amazon | Amazon Freertos | 1.0.0 |
| Application | Amazon | Amazon Music | 6.1.5.1213 |
| Application | Amazon | Amazon Web Services Cloudformation Bootstrap | - |
| Application | Amazon | Amazon Web Services Freertos | 1.0.0 |
| Application | Amazon | Amazon Web Services Software Development Kit | 2.0.5 |
| Application | Amazon | Audible | 2.34.0 |
| Application | Amazon | Aws-lambda | 0.0.1 |
| Application | Amazon | Aws Command Line Interface | - |
| Operating System | Amazon | Aws Command Line Interface | - |
| Application | Amazon | Aws Encryption Sdk | - |
| Application | Amazon | Aws Javascript S3 Explorer | 1.0.0 |
| Application | Amazon | Aws S3 Crypto Sdk | - |
| Application | Amazon | Aws Sdk For Javascipt | - |
| Application | Amazon | Aws Shared Configuration File Loader | 0.1.0 |
| Hardware | Amazon | Blink Xt2 Sync Module | - |
| Operating System | Amazon | Blink Xt2 Sync Module Firmware | 2.13.11 |
| Application | Amazon | Corretto | 11 |
| Application | Amazon | Ec2 Api Tools Java Library | - |
| Application | Amazon | Elastic Load Balancing Api Tools | - |
| Application | Amazon | Firecracker | 0.1.0 |