Vulnerabilities

CVE-2026-3336 - PKCS7_verify Certificate Chain Validation Bypass in AWS-LC

2026-03-02 0 views admin
CVE-2026-3336 - PKCS7_verify Certificate Chain Validation Bypass in AWS-LC

CVE ID : CVE-2026-3336 Published : March 2, 2026, 9:15 p.m. | 34 minutes ago Description : Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the final signer. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Severity
HIGH
Published
March 2, 2026
Affected Product: AWS

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-3336highaws

More from Vulnerabilities

CVE-2026-3337 - Timing Side-Channel in AES-CCM Tag Verification in AWS-LC

CVE-2026-3337 - Timing Side-Channel in AES-CCM Tag Verification in AWS-LC

2026-03-02 0
CVE-2026-3338 - PKCS7_verify Signature Validation Bypass in AWS-LC

CVE-2026-3338 - PKCS7_verify Signature Validation Bypass in AWS-LC

2026-03-02 0
CVE-2026-26709 - Code-Projects Simple Gym Management System SQL Injection

CVE-2026-26709 - Code-Projects Simple Gym Management System SQL Injection

2026-03-02 0
CVE-2026-26711 - Code-Projects Simple Food Order System SQL Injection Vulnerability

CVE-2026-26711 - Code-Projects Simple Food Order System SQL Injection Vulnerability

2026-03-02 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views