Amazon Linux 2023

Amazon Linux 2023 — tomcat9 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1496 Related CVEs: CVE-2025-66614 CVE-2026-24733 CVE-2026-24734 CVE-2025-55752 CVE-2025-61795 CVE-2025-48989 CVE-2025-52434 CVE-2025-52520  +12 more Upstream summary: Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 […]

Amazon Linux 2023 — kernel-livepatch-6.12.58-82.121 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023LIVEPATCH-2026-116 Related CVEs: CVE-2025-71085 CVE-2025-71091 CVE-2025-71116 Upstream summary: In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085) In the Linux […]

Amazon Linux 2023 — kernel-livepatch-6.12.63-84.121 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023LIVEPATCH-2026-115 Related CVEs: CVE-2025-71085 CVE-2025-71091 CVE-2025-71116 Upstream summary: In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085) In the Linux […]

Amazon Linux 2023 — cuda-toolkit — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023NVIDIA-2026-277 Related CVEs: CVE-2025-33228 CVE-2025-23248 CVE-2025-23255 CVE-2025-23271 CVE-2025-23273 CVE-2025-23274 CVE-2025-23275 CVE-2025-23308  +12 more Upstream summary: NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could cause […]

Amazon Linux 2023 — cuda-toolkit-13-1 — vulnerability — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023NVIDIA-2026-276 Related CVEs: CVE-2025-33228 Upstream summary: NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string […]

Amazon Linux 2023 — jpegxl — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1459 Related CVEs: CVE-2025-12474 CVE-2026-1837 Upstream summary: A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causing the […]

Amazon Linux 2023 — libsoup3 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1460 Related CVEs: CVE-2026-1536 CVE-2026-1539 CVE-2026-2369 CVE-2026-0719 CVE-2025-14523 CVE-2025-11021 CVE-2025-12105 CVE-2025-4945  +12 more Upstream summary: A flaw was found in libsoup. An attacker who can control the input for the […]

Amazon Linux 2023 — libssh — multiple vulnerabilities (13 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1461 Related CVEs: CVE-2026-0966 CVE-2026-0968 CVE-2026-0964 CVE-2026-0967 CVE-2025-8114 CVE-2025-8277 CVE-2025-4878 CVE-2025-5318  +5 more Upstream summary: libssh: Buffer underflow in ssh_get_hexa() on invalid input (CVE-2026-0966) […]

Amazon Linux 2023 — munge — vulnerability — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1453 Related CVEs: CVE-2026-25506 Upstream summary: MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in […]

Amazon Linux 2023 — postgresql15 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2023

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2023-2026-1456 Related CVEs: CVE-2026-2003 CVE-2026-2004 CVE-2026-2005 CVE-2026-2006 CVE-2012-0868 CVE-2017-7484 CVE-2019-10130 CVE-2024-21096  +12 more Upstream summary: Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few […]
