CVE-2026-11400

An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rdssuperuser, via a crafted function created by the...

CVE-2026-11400 Privilege Escalation in AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL

An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rdssuperuser, via a crafted function created by the...

PT-2026-47034

Name of the Vulnerable Software and Affected Versions AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL versions prior to 4.0.1 Description An untrusted search path issue exists in the GlobalDatabasePlugin. This allows a remote authenticated low-privilege actor to escalate privileges to thos...

jdbc-wrapper-poc

AWS Advanced JDBC Wrapper - Deserialization RCE via Cache Pois...

Uncontrolled Search Path Element

Overview software.amazon.jdbc:aws-advanced-jdbc-wrapper is an Amazon Web Services AWS Advanced JDBC Wrapper Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to unqualified SQL function and operator references in the database dialect components. An attacker...

EUVD-2025-180218

Amazon Web Services Advanced JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance...

ch.admin.bit.jeap:jeap-archrepo-docgen (>=2.10.0 <=3.1.1), ch.admin.bit.jeap:jeap-archrepo-importer-openapi (>=1.10.0 <=3.1.1) +8 more potentially affected by CVE-2025-12967 via software.amazon.jdbc:aws-advanced-jdbc-wrapper (>=2.3.7 <=2.5.6)

software.amazon.jdbc:aws-advanced-jdbc-wrapper MAVEN version =2.3.7, =2.10.0, =1.10.0, =1.15.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =17.16.0, =2.0.0, =2.0.8 - org.keycloak.tests:keycloak-tests-base =26.6.0 Source cves: CVE-2025-12967 Source advisory: OSV:GHSA-7XW4-G7MM-R4HH...

Amazon Web Services Advanced JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance

Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...

GHSA-7XW4-G7MM-R4HH Amazon Web Services Advanced JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance

Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...

EUVD-2025-48942

AWS Advanced Python Wrapper: Privilege Escalation in Aurora PostgreSQL instance...

CVE-2025-12967

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow privilege escalation to the rds_superuser role via a crafted function executed by a low-privileged authenticated user. Affected wrappers include AWS JDBC Wrapper, AWS Go Wrapper, AWS NodeJS Wrapper, AWS Python Wrapper, and AWS PGSQL ...

PT-2025-46181

Name of the Vulnerable Software and Affected Versions AWS JDBC Wrapper versions prior to 2.6.5 AWS Go Wrapper versions prior to 2025-10-17 AWS NodeJS Wrapper versions prior to 2.0.1 AWS Python Wrapper versions prior to 1.4.0 AWS PGSQL ODBC driver versions prior to 1.0.1 Description An issue in AW...