Security Advisory

CVE-2026-5190

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-31 17:05:59

Last updated 2026-04-01 03:55:47

Assigner AMZN

State PUBLISHED

Description

Out-of-bounds write in the streaming decoder component in aws-c-event-stream before 0.6.0 might allow a third party operating a server to cause memory corruption leading to arbitrary code execution on a client application that processes crafted event-stream messages. To remediate this issue, users should upgrade to version 0.6.0 or later.

← Browse all CVEs View on cve.org ↗