Known Vulnerabilities for products from Amazon
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Amazon".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Amazon can be found at device.report : Amazon
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-42196 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-42193 json | Not Provided | 2026-05-08 | 2026-05-11 | |
| CVE-2026-35562 json | Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a th... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35561 json | Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver bef... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35560 json | Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 mi... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35559 json | Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35558 json | Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 migh... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-33726 json | Not Provided | 2026-03-27 | 2026-03-27 | |
| CVE-2026-32265 json | Not Provided | 2026-03-18 | 2026-03-18 | |
| CVE-2026-8178 json | Not Provided | 2026-05-08 | 2026-05-08 | |
| CVE-2026-7461 json | Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon EC... | Not Provided | 2026-04-30 | 2026-05-05 |
| CVE-2026-7426 json | Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6... | Not Provided | 2026-04-29 | 2026-05-04 |
| CVE-2026-7425 json | Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 a... | Not Provided | 2026-04-29 | 2026-05-04 |
| CVE-2026-7424 json | Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network ac... | Not Provided | 2026-04-29 | 2026-05-04 |
| CVE-2026-7423 json | Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent... | Not Provided | 2026-04-29 | 2026-05-04 |
| CVE-2026-7422 json | Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all c... | Not Provided | 2026-04-29 | 2026-05-04 |
| CVE-2026-6968 json | Incomplete path traversal fixes in awslabs/tough before tough-v0.22.0 allow remote authenticated users with delegated signing... | Not Provided | 2026-04-24 | 2026-05-06 |
| CVE-2026-6967 json | Missing expiration, hash, and length enforcement in delegated metadata validation in awslabs/tough before tough-v0.22.0 allow... | Not Provided | 2026-04-24 | 2026-05-06 |
| CVE-2026-6966 json | Improper verification of cryptographic signature uniqueness in delegated role validation in awslabs/tough before tough-v0.22.... | Not Provided | 2026-04-24 | 2026-05-06 |
| CVE-2026-5709 json | Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio (RES) version 2024.10 through 2025.12.01 migh... | Not Provided | 2026-04-06 | 2026-04-10 |
Known software with vulnerabilities from Amazon
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Amazon | Amazon Freertos | 1.0.0 |
| Application | Amazon | Amazon Music | 6.1.5.1213 |
| Application | Amazon | Amazon Web Services Cloudformation Bootstrap | - |
| Application | Amazon | Amazon Web Services Freertos | 1.0.0 |
| Application | Amazon | Amazon Web Services Software Development Kit | 2.0.5 |
| Application | Amazon | Audible | 2.34.0 |
| Application | Amazon | Aws-lambda | 0.0.1 |
| Application | Amazon | Aws Command Line Interface | - |
| Operating System | Amazon | Aws Command Line Interface | - |
| Application | Amazon | Aws Encryption Sdk | - |
| Application | Amazon | Aws Javascript S3 Explorer | 1.0.0 |
| Application | Amazon | Aws S3 Crypto Sdk | - |
| Application | Amazon | Aws Sdk For Javascipt | - |
| Application | Amazon | Aws Shared Configuration File Loader | 0.1.0 |
| Hardware | Amazon | Blink Xt2 Sync Module | - |
| Operating System | Amazon | Blink Xt2 Sync Module Firmware | 2.13.11 |
| Application | Amazon | Corretto | 11 |
| Application | Amazon | Ec2 Api Tools Java Library | - |
| Application | Amazon | Elastic Load Balancing Api Tools | - |
| Application | Amazon | Firecracker | 0.1.0 |