Known Vulnerabilities for products from Amazon
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Amazon".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Amazon can be found at device.report : Amazon
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-35562 json | Not Provided | 2026-04-03 | 2026-04-06 | |
| CVE-2026-35561 json | Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver bef... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35560 json | Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 mi... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35559 json | Not Provided | 2026-04-03 | 2026-04-07 | |
| CVE-2026-35558 json | Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 migh... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-33726 json | Not Provided | 2026-03-27 | 2026-03-27 | |
| CVE-2026-32265 json | Not Provided | 2026-03-18 | 2026-03-18 | |
| CVE-2026-6550 json | Not Provided | 2026-04-20 | 2026-04-20 | |
| CVE-2026-5709 json | Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio (RES) version 2024.10 through 2025.12.01 migh... | Not Provided | 2026-04-06 | 2026-04-10 |
| CVE-2026-5708 json | Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio (R... | Not Provided | 2026-04-06 | 2026-04-10 |
| CVE-2026-5707 json | Unsanitized input in an OS command in the virtual desktop session name handling in AWS Research and Engineering Studio (RES)�... | Not Provided | 2026-04-06 | 2026-04-10 |
| CVE-2026-5485 json | OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2025-54043 json | Not Provided | 2025-07-16 | 2026-04-01 | |
| CVE-2024-23680 json | 5.3 - MEDIUM | 2024-01-19 | 2024-01-26 | |
| CVE-2024-21634 json | 7.5 - HIGH | 2024-01-03 | 2024-01-10 | |
| CVE-2023-51651 json | 3.3 - LOW | 2023-12-22 | 2024-01-03 | |
| CVE-2023-51386 json | 3.3 - LOW | 2023-12-22 | 2024-01-04 | |
| CVE-2023-45807 json | OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. Th... | 5.4 - MEDIUM | 2023-10-16 | 2023-10-20 |
| CVE-2023-44487 json | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many stre... | 7.5 - HIGH | 2023-10-10 | 2024-02-02 |
| CVE-2023-36467 json | AWS data.all is an open source development framework to help users build a data marketplace on Amazon Web Services. data.all ... | 8.8 - HIGH | 2023-06-28 | 2023-07-07 |
Known software with vulnerabilities from Amazon
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Amazon | Amazon Freertos | 1.0.0 |
| Application | Amazon | Amazon Music | 6.1.5.1213 |
| Application | Amazon | Amazon Web Services Cloudformation Bootstrap | - |
| Application | Amazon | Amazon Web Services Freertos | 1.0.0 |
| Application | Amazon | Amazon Web Services Software Development Kit | 2.0.5 |
| Application | Amazon | Audible | 2.34.0 |
| Application | Amazon | Aws-lambda | 0.0.1 |
| Application | Amazon | Aws Command Line Interface | - |
| Operating System | Amazon | Aws Command Line Interface | - |
| Application | Amazon | Aws Encryption Sdk | - |
| Application | Amazon | Aws Javascript S3 Explorer | 1.0.0 |
| Application | Amazon | Aws S3 Crypto Sdk | - |
| Application | Amazon | Aws Sdk For Javascipt | - |
| Application | Amazon | Aws Shared Configuration File Loader | 0.1.0 |
| Hardware | Amazon | Blink Xt2 Sync Module | - |
| Operating System | Amazon | Blink Xt2 Sync Module Firmware | 2.13.11 |
| Application | Amazon | Corretto | 11 |
| Application | Amazon | Ec2 Api Tools Java Library | - |
| Application | Amazon | Elastic Load Balancing Api Tools | - |
| Application | Amazon | Firecracker | 0.1.0 |