Multiple PKCS7_verify Vulnerabilities Discovered in AWS

Multiple PKCS7_verify Vulnerabilities Discovered in AWS

First seen 5 Mar 2026, 09:12 UTC Api.Msrc.Microsoft 94% similarity 66.8

Article Content

Browse articles
ThreatCluster

Two critical vulnerabilities, CVE-2026-3336 and CVE-2026-3338, affecting AWS have been published, both on March 2, 2026. CVE-2026-3336 allows a certificate chain validation bypass, while CVE-2026-3338 enables a signature validation bypass, potentially exposing users to significant security risks.

ThreatCluster AI

Timeline

2026-03-02
CVE-2026-3336 published
2026-03-02
CVE-2026-3338 published
2026-03-05
Information published about vulnerabilities

Community

Browse all →