Lucene search
K

CVE-2026-11417 OS Command Injection in NodejsFunction Bundling in aws-cdk-lib

🗓️ 10 Jun 2026 17:39:18Reported by AMZNType 
cvelist
 cvelist
🔗 www.cve.org👁 32 Views

CVE-2026-11417 OS command injection in NodejsFunction bundling; upgrade aws-cdk-lib.

Related
Affected
Refs
ReporterTitlePublishedViews
Family
GithubExploit
Exploit for CVE-2026-11417
13 Jun 202614:34
githubexploit
Circl
CVE-2026-11417
10 Jun 202620:21
circl
CNNVD
AWS Cloud Development Kit 操作系统命令注入漏洞
10 Jun 202600:00
cnnvd
CVE
CVE-2026-11417
10 Jun 202617:39
cve
EUVD
EUVD-2026-36076
15 Jun 202620:47
euvd
Github Security Blog
aws-cdk-lib: OS Command Injection in NodejsFunction Bundling
15 Jun 202620:47
github
NVD
CVE-2026-11417
10 Jun 202618:16
nvd
OSV
GHSA-999R-QQ7V-R334 aws-cdk-lib: OS Command Injection in NodejsFunction Bundling
15 Jun 202620:47
osv
Patchstack
NPM: aws-cdk-lib: OS Command Injection in NodejsFunction Bundling
15 Jun 202620:47
patchstack
Positive Technologies
PT-2026-48489
10 Jun 202600:00
ptsecurity
Rows per page
[
  {
    "vendor": "AWS",
    "product": "AWS Cloud Development Kit library",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "2.245.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation