Amazon Linux 2

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3279 Related CVEs: CVE-2026-34978 CVE-2026-34979 CVE-2026-34980 CVE-2026-34990 CVE-2025-58060 CVE-2024-47176 CVE-2025-58364 CVE-2023-4504  +7 more Upstream summary: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3252 Related CVEs: CVE-2026-27856 CVE-2026-27857 CVE-2020-12100 CVE-2020-12673 CVE-2020-12674 CVE-2019-11500 CVE-2024-23185 CVE-2022-30550  +2 more Upstream summary: Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3275 Related CVEs: CVE-2026-28387 CVE-2026-28388 CVE-2026-28389 CVE-2026-28390 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420  +12 more Upstream summary: Potential use-after-free in DANE client code (CVE-2026-28387) NULL Pointer Dereference When Processing a Delta CRL […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3261 Related CVEs: CVE-2026-34078 CVE-2024-42472 CVE-2024-32462 CVE-2021-41133 CVE-2021-21381 CVE-2021-21261 CVE-2017-5226 CVE-2019-10063  +4 more Upstream summary: A complete sandbox escape vulnerability exists in Flatpak before 1.16.4. The Flatpak portal accepts paths […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2GIMP-2026-014 Related CVEs: CVE-2026-4150 CVE-2026-4153 CVE-2026-4154 CVE-2026-0797 CVE-2026-2044 CVE-2026-2045 CVE-2026-2048 CVE-2025-14422  +12 more Upstream summary: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3272 Related CVEs: CVE-2026-4046 CVE-2024-2961 CVE-2016-10228 CVE-2019-25013 CVE-2020-29562 CVE-2020-6096 CVE-2025-8058 CVE-2025-0395  +12 more Upstream summary: The iconv() function in the GNU C Library versions 2.43 and earlier may crash due […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3259 Related CVEs: CVE-2026-27140 CVE-2026-27143 CVE-2026-27144 CVE-2026-32280 CVE-2026-32281 CVE-2026-32282 CVE-2026-32283 CVE-2026-32288  +12 more Upstream summary: SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3277 Related CVEs: CVE-2026-5795 CVE-2021-28165 CVE-2024-9823 CVE-2023-40167 CVE-2023-36479 CVE-2021-28169 CVE-2021-34428 Upstream summary: In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable. Upon returning from […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3257 Related CVEs: CVE-2026-5121 CVE-2025-5914 CVE-2019-18408 CVE-2025-5917 CVE-2021-31566 CVE-2017-14503 CVE-2018-1000877 CVE-2018-1000878  +3 more Upstream summary: A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2-2026-3265 Related CVEs: CVE-2026-27143 CVE-2026-27144 CVE-2026-32280 CVE-2026-32281 CVE-2026-32282 CVE-2026-32283 CVE-2026-32288 CVE-2026-32289  +12 more Upstream summary: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in […]