security — Weekly digest (2026-06-08)
Window: last 7 day(s) · items in window: 65 · top shown: 25
RSS
- Fragnesia Local Privilege Escalation report via ESP-in-TCP in the Linux Kernel —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - CVE-2026-31431 —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - Issues in tough library and tuftool CLI utility —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - CVE-2026-6550 - Key commitment policy bypass via shared key cache in AWS Encryption SDK for Python —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - CVE-2026-5429 - Kiro IDE Webview Cross-Site Scripting via Workspace Color Theme —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - Arbitrary code execution via crafted project files in Kiro IDE —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - CVE-2026-4270 - AWS API MCP File Access Restriction Bypass —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - MariaDB Server Audit Plugin Comment Handling Bypass —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - Security Findings in SageMaker Python SDK —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - CVE-2026-1386 - Arbitrary Host File Overwrite via Symlink in Firecracker Jailer —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - Key Commitment Issues in S3 Encryption Clients —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - [Redirected] Security Update for Amazon Q Developer Extension for Visual Studio Code (Version #1.84) —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - CVE-2025-6031 - Insecure device pairing in end-of-life Amazon Cloud Cam —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - CVE-2025-12829 - Integer Overflow issue in Amazon Ion-C —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - CVE-2025-31133, CVE-2025-52565, CVE-2025-52881 - runc container issues —
rss:aws-security-bulletins· 2026-06-05 · score 9.15 - CVE-2026-10584 - HTTPS Fallback to HTTP in Graph Explorer —
rss:aws-security-bulletins· 2026-06-05 · score 7.65 - CVE-2026-10591 - Kiro IDE Insufficient File Write Restrictions to Execution-Sensitive Paths —
rss:aws-security-bulletins· 2026-06-05 · score 7.65 - CVE-2026-9291 - Insecure Deserialization in Amazon Braket SDK Job Results Processing —
rss:aws-security-bulletins· 2026-06-05 · score 7.65 - CVE-2026-9255 - Tool Execution Without Authorization via Piped Stdin in Kiro CLI —
rss:aws-security-bulletins· 2026-06-05 · score 7.65 - CVE-2026-9133 - Arbitrary file read in rabbitmq-aws plugin —
rss:aws-security-bulletins· 2026-06-05 · score 7.65 - CVE-2026-8838 - Remote Code Execution in amazon-redshift-python-driver —
rss:aws-security-bulletins· 2026-06-05 · score 7.65 - CVE-2026-8686 - Heap out-of-bounds read in coreMQTT MQTT5 property parsing —
rss:aws-security-bulletins· 2026-06-05 · score 7.65 - Issue with Amazon SageMaker Python SDK - Model artifact integrity verification issues (CVE-2026-8596 & CVE-2026-8597) —
rss:aws-security-bulletins· 2026-06-05 · score 7.65 - Dirty Frag and other issues in Amazon Linux kernels —
rss:aws-security-bulletins· 2026-06-05 · score 7.65 - CVE-2026-8178 - Remote Code Execution via Unsafe Class Loading in Amazon Redshift JDBC Driver —
rss:aws-security-bulletins· 2026-06-05 · score 7.65