Amazon · Aws-C-Event-Stream · CVE-2026-5190
**Name of the Vulnerable Software and Affected Versions**
aws-c-event-stream versions prior to 0.6.0
**Description**
A flaw exists in the streaming decoder component of aws-c-event-stream that could allow a third party operating a server to cause memory corruption, potentially leading to arbitrary code execution on a client application that processes specially crafted event-stream messages.
**Recommendations**
Upgrade to version 0.6.0 or later.