Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / amazon

amazon

196 tracked vulnerabilities.

CVE-2026-3338 HIGH

AWS-LC < 1.69.0 - Improper Verification of Cryptographic Signature in PKCS7_verify()

CVE-2026-3337 MEDIUM

AWS-LC < 1.69.0 and 3.0.0-3.1.9 - Observable Timing Discrepancy in AES-CCM Decryption via EVP CIPHER API

CVE-2026-3336 HIGH

AWS-LC 1.41.0-1.68.0 - Unauthenticated Certificate Chain Verification Bypass in PKCS7_verify()

CVE-2026-1386 MEDIUM

Firecracker <1.13.2-1.14.1 - Privilege Escalation

CVE-2026-0830 HIGH

Kiro IDE <0.6.18 - Command Injection

CVE-2025-14503 HIGH

Harmonix on AWS <0.4.2 - Privilege Escalation

CVE-2025-9624 HIGH

OpenSearch 3.0.0-3.2.9 and < 2.19.4 - Denial of Service via Complex Query String Input

CVE-2025-12829 MEDIUM

Amazon Ion-C <v1.1.4 - Info Disclosure

CVE-2025-12779 HIGH

Amazon WorkSpaces client <2024.8 - Info Disclosure

CVE-2025-62371 HIGH

OpenSearch Data Prepper < 2.12.2 - Improper Certificate Validation in OpenSearch Sink and Source Plugins

CVE-2025-11618 MEDIUM

FreeRTOS-Plus-TCP 4.0.0-4.3.3 - Null Pointer Dereference in UDP/IPv6 Packet Processing

CVE-2025-11617 MEDIUM

FreeRTOS-Plus-TCP 4.0.0-4.3.3 - Buffer Over-read in IPv6 Packet Processing

CVE-2025-11616 MEDIUM

FreeRTOS-Plus-TCP 4.0.0-4.3.3 - Buffer Over-read in ICMPv6 Packet Processing

CVE-2025-11573 HIGH

Amazon.IonDotnet < 1.3.2 - Denial of Service via Infinite Loop in Text Input Parser

CVE-2025-9039 MEDIUM

Amazon ECS <1.97.1 - Info Disclosure

CVE-2025-8904 HIGH

Amazon EMR <7.5 - Privilege Escalation

CVE-2025-8217 MEDIUM

Amazon Q Developer VS Code <1.85.0 - Info Disclosure

CVE-2025-6031 HIGH

Amazon Cloud Cam - Unauthenticated SSL Pinning Bypass via Deprecated Remote Service

CVE-2025-5688 HIGH

Amazon FreeRTOS 2.3.4-4.3.2 - Out-of-bounds Write via LLMNR or mDNS Query Processing

CVE-2025-5279 HIGH

Amazon Redshift Python Connector 2.0.872-2.1.7 - Improper Certificate Validation

CVE-2025-4318 CRITICAL

AWS Amplify Studio - Code Injection

CVE-2025-3857 HIGH

Amazon.IonDotnet < 1.3.1 - Denial of Service via RawBinaryReader Binary Deserialization

CVE-2025-2888 MEDIUM

Amazon Tough < 0.20.0 - Incorrect Timestamp Validation During Snapshot Rollback

CVE-2025-2887 MEDIUM

Amazon Tough < 0.20.0 - Incorrect Target Rollback Detection

CVE-2025-2886 MEDIUM

Amazon Tough < 0.20.0 - Incorrect Target Source Validation via Delegation Chain

Previous Page 2 of 8 Next

Products

freertos 17 amazon_web_services_freertos 14 fire_os 13 opensearch 11 tough 10 freertos-plus-tcp 9 blink_xt2_sync_module_firmware 7 Amazon Athena ODBC driver 6 athena_odbc 6 data.all 5 payfort-php-sdk 5 amazon_web_services_internet_of_things_device_software_development_kit_v2 4 aws_cloud_development_kit 4 aws_software_development_kit 4 firecracker 4 amazon_web_services_aws-c-io 3 aws-lc-sys 3 aws_libcrypto 3 echo_dot_firmware 3 opensearch_data_prepper 3 research_and_engineering_studio 3 tuftool 3 WorkSpaces Client 2 amazon_linux 2 amazon_web_services_redshift_java_database_connectivity_driver 2 audible 2 aws_client_vpn 2 aws_encryption_sdk 2 aws_s3_crypto_sdk 2 awslabs_sandbox_accounts_for_events 2

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy