Amazon Linux 2

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3207 Related CVEs: CVE-2025-61731 CVE-2025-68119 CVE-2025-22874 CVE-2025-4673 CVE-2025-47912 CVE-2025-58183 CVE-2025-58185 CVE-2025-58186  +12 more Upstream summary: cmd/go: bypass of flag sanitization can lead to arbitrary code execution (CVE-2025-61731) cmd/go: unexpected code […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3201 Related CVEs: CVE-2026-25884 CVE-2026-27596 CVE-2026-27631 CVE-2021-31291 CVE-2025-54080 CVE-2025-55304 CVE-2024-24826 CVE-2024-25112  +12 more Upstream summary: Exiv2 is a C++ library and a command-line utility to read, write, delete and modify […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3193 Related CVEs: CVE-2026-2005 CVE-2026-2003 CVE-2026-2004 CVE-2026-2006 CVE-2012-0868 CVE-2017-7484 CVE-2019-10130 CVE-2024-21096  +12 more Upstream summary: Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2TOMCAT9-2026-024 Related CVEs: CVE-2025-66614 CVE-2026-24733 CVE-2026-24734 CVE-2025-55752 CVE-2025-61795 CVE-2025-48989 CVE-2025-52434 CVE-2025-52520  +12 more Upstream summary: mproper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3183 Related CVEs: CVE-2026-2049 CVE-2026-2050 CVE-2025-10921 CVE-2021-45463 Upstream summary: The `rgbe_read_new_rle` function in `gegl/libs/rgbe/rgbe.c` has a heap buffer overflow vulnerability during HDR image parsing that may allow remote code execution. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3180 Related CVEs: CVE-2026-25990 CVE-2022-22817 CVE-2023-50447 CVE-2014-1932 CVE-2014-1933 CVE-2014-3007 CVE-2021-23437 CVE-2014-9601  +12 more Upstream summary: Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3164 Related CVEs: CVE-2025-15270 CVE-2025-15269 CVE-2025-15275 CVE-2025-15279 CVE-2025-50949 CVE-2024-25081 CVE-2024-25082 CVE-2020-5395 Upstream summary: FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3168 Related CVEs: CVE-2025-68160 CVE-2025-69420 CVE-2025-69421 CVE-2026-22796 CVE-2022-4304 CVE-2023-0215 CVE-2023-0286 CVE-2022-0778  +12 more Upstream summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2OPENSSL-SNAPSAFE-2026-009 Related CVEs: CVE-2025-68160 CVE-2025-69420 CVE-2025-69421 CVE-2026-22796 CVE-2022-4304 CVE-2023-0215 CVE-2023-0286 CVE-2023-0464  +12 more Upstream summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next […]