SecAlerts
CVE ListPricingSign Up
Amazon logo

Amazon

Security Risk Profile

46
/100
medium

Security Risk Score

Comprehensive risk assessment based on 303 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from November 19, 2007 to present

303
Total CVEs
137
Critical+High
18
Exploited
83
Unpatched

Threat Assessment

Avg CVSS
7.3
Base severity
Avg EPSS
1%
Exploit probability
Unpatched
83
Critical/High
Risk Level
46/100
medium
⚠️ 18 Active Exploits 2 Zero-Days🆕 1Fresh (<7d)📈 12 in Last 30 Days

Severity Distribution

Critical
32
High
105
Medium
81
Low
2

Exploit Likelihood

>50% chance
1
20-50%
0
5-20%
0
<5%
50

Age Distribution

Common Weaknesses (CWE)

1
OS Command Injection
13
2
Infoleak
12
3
Buffer Overflow
11
4
XSS
11
5
Input Validation
9

Most Affected Products

1. Cisco Identity Services Engine60
2. Amazon Kindle48
3. FreeBSD FreeBSD29
4. SUSE Linux Enterprise Server27
5. Amazon Aws-sigv4 Rust24

Recent Vulnerabilities

See more →
CVE-2026-9133
CVSS 8.3EPSS 0%high

Arbitrary file read in rabbitmq-aws plugin

5/20/2026🔧 No Patch
CVE-2026-8686
CVSS 8.7EPSS 0%high

DoS from MQTT v5.0 Deserialization Fault in core MQTT

5/15/2026🔧 No Patch
CVE-2026-8178
CVSS 9.2EPSS 0%critical

Remote Code Execution via Unsafe Class Loading in Amazon Redshift JDBC Driver

5/8/2026
https://www.theregister.com/2026/05/05/cisa_sounds_the_alarm_on/
unknown

Attackers are cashing in on fresh 'CopyFail' Linux flaw

5/5/2026⚠ Exploited🔧 No Patch
https://www.bleepingcomputer.com/news/security/cisa-says-copy-fail-flaw-now-exploited-to-root-linux-systems/
unknown

CISA says ‘Copy Fail’ flaw now exploited to root Linux systems

5/4/2026⚠ Exploited🔧 No Patch
CVE-2026-7461
CVSS 7.5EPSS 0%high

OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials

4/30/2026🔧 No Patch
https://www.bleepingcomputer.com/news/security/new-linux-copy-fail-flaw-gives-hackers-root-on-major-distros/
unknown

New Linux ‘Copy Fail’ flaw gives hackers root on major distros

4/30/2026⚠ Exploited🔧 No Patch
CVE-2026-7426
CVSS 6.1EPSS 0%medium

Out-of-Bounds Write via Unsanitized Prefix Length in Router Advertisement Processing in FreeRTOS-Plus-TCP

4/29/2026
CVE-2026-7425
CVSS 6.0EPSS 0%medium

Out-of-Bounds Read in Router Advertisement Option Parser in FreeRTOS-Plus-TCP

4/29/2026
CVE-2026-7424
CVSS 7.2EPSS 0%high

Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Plus-TCP

4/29/2026🔧 No Patch

Monitor Amazon in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.

Amazon Security Vulnerabilities & Risk Score | 303 CVEs | SecAlerts - SecAlerts