AWS security advisories
4 threat alerts tracking vulnerabilities and security advisories that affect AWS products.
Vulnios monitors AWS CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent AWS security news in one place, or click into an individual alert for full detail.
VU#471747: dnsmasq contains several vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation
Overview dnsmasq is affected by multiple memory safety and input validation vulnerabilities, including heap buffer overflows, heap corruption, and code execution flaws. Collectively, these vulnerabili
criticalCVE-2026-2291CVE-2026-8178 - Remote Code Execution via Unsafe Class Loading in Amazon Redshift JDBC Driver
Bulletin ID: 2026-028-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/05/08 11:30 AM PDT Description: Amazon Redshift JDBC Driver is a Type 4 JDBC driver that provid
criticalCVE-2026-8178CVE-2026-7791 - Local Privilege Escalation via TOCTOU Race Condition in Amazon WorkSpaces Skylight Agent
Bulletin ID: 2026-025-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/05/04 15:30 PM PDT Description: Amazon Skylight Workspace Config Service ( slwsconfigservice) i
criticalCVE-2026-7791CVE-2026-7461 - OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials
Bulletin ID: 2026-024-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/30 13:30 PM PDT Description: Amazon Elastic Container Service (Amazon ECS) is a fully manage
criticalCVE-2026-7461
Track AWS exposure across your environment
Vulnios automatically cross-references your asset inventory against new AWS CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan