
AWS — Vulnerabilities & Security Advisories (68)

Browse all 68 CVE security advisories affecting AWS. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Amazon Web Services operates as a comprehensive cloud computing platform, providing infrastructure, storage, and networking solutions to enterprises globally. With 68 recorded Common Vulnerabilities and Exposures, the platform’s security landscape reflects the complexity of its vast ecosystem. Historically, identified flaws have predominantly involved cross-site scripting, remote code execution, and privilege escalation issues, often stemming from misconfigurations or third-party component dependencies rather than core hypervisor failures. Notable incidents have occasionally highlighted risks associated with shared responsibility models, where customer-side errors led to data exposure. Despite these challenges, AWS maintains robust isolation mechanisms and continuous monitoring protocols. The frequency of vulnerabilities underscores the necessity for rigorous patch management and strict access controls. Users must remain vigilant, recognizing that while the underlying infrastructure is hardened, the security of deployed workloads largely depends on proper configuration and adherence to best practices within the shared responsibility framework.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-0830 | Command Injection in Kiro GitLab Merge Request Helper | Kiro IDE | CWE-78 | 7.8 | High | 2026-01-09 |
| CVE-2025-14764 | Amazon S3 Encryption Client security vulnerability | S3 Encryption Client for Go | CWE-327 | 5.3 | Medium | 2025-12-17 |
| CVE-2025-14763 | Amazon S3 Encryption Client security vulnerability | S3 Encryption Client for Java | CWE-327 | 5.3 | Medium | 2025-12-17 |
| CVE-2025-14762 | AWS SDK for Ruby security vulnerability | AWS SDK for Ruby | CWE-327 | 5.3 | Medium | 2025-12-17 |
| CVE-2025-14761 | Amazon AWS SDK for PHP security vulnerability | AWS SDK for PHP | CWE-327 | 5.3 | Medium | 2025-12-17 |
| CVE-2025-14760 | AWS SDK for C++ security vulnerability | AWS SDK for C++ | CWE-327 | 5.3 | Medium | 2025-12-17 |
| CVE-2025-14759 | Amazon S3 Encryption Client for .NET security vulnerability | S3 Encryption Client for .NET | CWE-327 | 5.3 | Medium | 2025-12-17 |
| CVE-2025-14503 | Overly Permissive Trust Policy in Harmonix on AWS EKS | Harmonix on AWS | CWE-266 | 7.2 | High | 2025-12-15 |
| CVE-2025-13524 | Amazon Web Services Wickr security vulnerability | Wickr | CWE-404 | 5.7 | Medium | 2025-11-21 |
| CVE-2025-12967 | Npgsql security vulnerability | JDBC Wrapper | CWE-470 | 8.0 | High | 2025-11-10 |
| CVE-2025-12815 | Amazon Web Services Research and Engineering Studio security vulnerability | Research and Engineering Studio (RES) | CWE-283 | 4.3 | Medium | 2025-11-06 |
| CVE-2025-11618 | Invalid Pointer Dereference when receiving UDP/IPv6 packets in FreeRTOS-Plus-TCP | FreeRTOS-Plus-TCP | CWE-476 | 4.3 | Medium | 2025-10-10 |
| CVE-2025-11617 | Buffer Over-read when receiving IPv6 packets with incorrect payload length in FreeRTOS-Plus-TCP | FreeRTOS-Plus-TCP | CWE-126 | 5.4 | Medium | 2025-10-10 |
| CVE-2025-11616 | Buffer Over-read when receiving improperly sized ICMPv6 packets in FreeRTOS-Plus-TCP | FreeRTOS-Plus_TCP | CWE-126 | 5.4 | Medium | 2025-10-10 |
| CVE-2025-11462 | Local Privilege Escalation Vulnerability in AWS Client VPN macOS Client | Client VPN | CWE-59 | 7.8 | High | 2025-10-07 |
| CVE-2025-8069 | Local Privilege Escalation Vulnerability in AWS Client VPN Windows Client | Client VPN | CWE-276 | 7.8 | High | 2025-07-23 |
| CVE-2025-3048 | Path Traversal in AWS SAM CLI allows file copy to local cache | AWS Serverless Application Model Command Line Interface | CWE-61 | 6.5 | Medium | 2025-03-31 |
| CVE-2025-3047 | Path Traversal in AWS SAM CLI allows file copy to build container | AWS Serverless Application Model Command Line Interface | CWE-61 | 6.5 | Medium | 2025-03-31 |
| CVE-2025-2888 | Improper timestamp caching during snapshot rollback in tough | tough | CWE-1025 | 3.7 (AI) | Low (AI) | 2025-03-27 |
| CVE-2025-2887 | Failure to detect delegated target rollback in tough | tough | CWE-1025 | 5.3 (AI) | Medium (AI) | 2025-03-27 |
| CVE-2025-2886 | Terminating targets role delegations are not respected in tough | tough | CWE-670 | 4.3 (AI) | Medium (AI) | 2025-03-27 |
| CVE-2025-2885 | Root metadata version not validated in tough | tough | CWE-1288 | 6.5 (AI) | Medium (AI) | 2025-03-27 |
| CVE-2025-2598 | AWS CDK CLI prints AWS credentials retrieved by custom credential plugins | Cloud Development Kit Command Line Interface | CWE-497 | 5.5 | Medium | 2025-03-21 |
| CVE-2025-0508 | MD5 Hash Collision in SageMaker Workflow in aws/sagemaker-python-sdk | aws/sagemaker-python-sdk | CWE-328 | 7.5 | - | 2025-03-20 |
| CVE-2025-1969 | Request approval spoofing in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center | Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center | CWE-807 | 4.3 | Medium | 2025-03-04 |
| CVE-2025-0851 | Path traversal issue in Deep Java Library | DeepJavaLibrary | CWE-36 | 9.8 | Critical | 2025-01-29 |
| CVE-2025-0693 | Issue with AWS Sign-in IAM User Login Flow - Possible Username Enumeration | AWS Sign-in IAM Login Flow | CWE-204 | 5.3 | Medium | 2025-01-23 |
| CVE-2025-23206 | IAM OIDC custom resource allows connection to unauthorized OIDC provider in aws-cdk | aws-cdk | CWE-347 | 8.1 | - | 2025-01-17 |
| CVE-2024-45037 | AWS CDK RestApi not generating authorizationScope correctly in resultant CFN template | aws-cdk | CWE-863 | 6.4 | Medium | 2024-08-27 |
| CVE-2024-32888 | Amazon JDBC Driver for Redshift SQL Injection via line comment generation | amazon-redshift-jdbc-driver | CWE-89 | 10.0 | Critical | 2024-05-15 |

This page lists every published CVE security advisory associated with AWS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.