These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-11931 is a medium-severity vulnerability affecting Kiro IDE on macOS and Linux before version 0.11.133. The vulnerability is caused by incorrect default permissions, which expose the authentication token cache file to other local users or processes. The cache file has world-readable permissions (0644) instead of owner-restricted permissions (0600).
CVE-2026-11417 is a HIGH-severity vulnerability in the NodejsFunction local bundling pipeline of aws-cdk-lib. An actor who controls the value of one or more bundling properties (externalModules, define, loader, inject, or esbuildArgs) might execute arbitrary commands on the host running the CDK toolchain via injected shell metacharacters. This requires the threat actor to control the value of one or more [truncated]
CVE-2026-11393 is a HIGH-severity vulnerability with a CVSS score of 8.8. The vulnerability is due to improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2. This could allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local environment of another u [truncated]
CVE-2026-11401 is a HIGH-severity vulnerability with a CVSS score of 8.6. An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL allows a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rds_superuser, via a crafted function created by the actor that runs when that user connects to [truncated]
CVE-2026-9255 is a HIGH-severity vulnerability in Kiro CLI versions prior to 1.28.0. The issue arises from missing input source validation in the tool authorization prompt, allowing a local attacker to execute arbitrary tools or shell commands without user approval by manipulating input piped to kiro-cli via stdin. The vulnerability has a CVSS score of 8.4.
CVE-2026-9133 describes a high-severity flaw in the rabbitmq-aws component used with Amazon MQ. According to the CVE and NVD record, a debug ARN scheme was left active in the ARN resolver before version 0.2.1. If an authenticated user can reach the PUT /api/aws/arn/validate endpoint, the accepted arn:aws-debug:file scheme may allow arbitrary file reads from paths accessible to the RabbitMQ process. The pu [truncated]
CVE-2026-8838 is a critical client-side code execution issue in amazon-redshift-python-driver before 2.1.14. The flaw stems from unsafe use of Python eval() on data received from the server in vector_in(), which means a rogue server or man-in-the-middle actor could potentially trigger arbitrary code execution on the client. AWS and the GitHub advisory both direct users to upgrade to version 2.1.14.
CVE-2026-4270 is a medium-severity vulnerability in AWS API MCP Server where improper protection of an alternate path in the no-access and workdir feature can bypass intended file access restrictions. In affected versions, this may expose arbitrary local file contents in the MCP client application context. AWS and NVD both point users to version 1.3.9 as the remediation.
CVE-2026-3338 is a HIGH-severity vulnerability in AWS-LC, a cryptographic library developed by Amazon. The vulnerability is caused by improper signature validation in the PKCS7_verify() function, which allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. This vulnerability was published on March 2, 2026, and last modified on June 30, [truncated]
CVE-2026-3336 is a HIGH-severity vulnerability in AWS-LC, a cryptographic library developed by Amazon. The vulnerability is caused by improper certificate validation in the PKCS7_verify() function, which allows an unauthenticated attacker to bypass certificate chain verification when processing PKCS7 objects with multiple signers. However, customers of AWS services do not need to take action. Applications [truncated]