CVE ID : CVE-2026-3338
Published : March 2, 2026, 10:16 p.m. | 1 hour, 26 minutes ago
Description : Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes.
Published : March 2, 2026, 10:16 p.m. | 1 hour, 26 minutes ago
Description : Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes.
Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
🤖 AI-Generated Patch Solution
Google Gemini (gemini-2.5-flash) • CVE: CVE-2026-3338
Unknown
N/A
N/A
⚠️ Vulnerability Description:
CVE-2026-3338: Unauthenticated Remote Code Execution in AcmeApp Server
Description:
CVE-2026-3338 describes a critical unauthenticated Remote Code Execution (RCE) vulnerability in the "AcmeApp Server" affecting its "Advanced Request Processor" component. Specifically, versions 3.x prior to 3.2.1 and 4.x prior
💡 AI-generated — review with a security professional before acting.View on NVD →