Browse all 37 CVE security advisories affecting Amazon. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Amazon operates primarily as a global e-commerce platform and cloud computing provider, offering extensive infrastructure services alongside retail operations. With thirty-six recorded Common Vulnerabilities and Exposures, the entity has historically faced risks associated with remote code execution, cross-site scripting, and privilege escalation, reflecting the complexity of its distributed architecture. Security assessments indicate that while the core infrastructure maintains robust controls, peripheral services and third-party integrations often present attack vectors. Notable incidents have included data exposure events and service disruptions, prompting continuous hardening of access controls and encryption standards. The organization’s scale necessitates rigorous monitoring, yet the sheer volume of endpoints and APIs creates a broad attack surface. Analysts observe that while critical backend systems remain resilient, user-facing applications and legacy components occasionally exhibit configuration weaknesses, requiring persistent patch management and vulnerability scanning to mitigate potential exploitation by threat actors targeting sensitive customer data and operational continuity.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-7791 | Amazon WorkSpaces Windows <2.6.2034.0 权限管理漏洞致提权 — WorkspacesCWE-367 | 7.8 | High | 2026-05-04 |
This page lists every published CVE security advisory associated with Amazon. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.