PT-2026-23662 · Amazon Web Services · Aws-Lambda

Jakub Ciolek

·

Published

2026-03-06

·

Updated

2026-05-30

·

CVE-2026-27137

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions AWS Lambda (affected versions not specified)
Description A flaw exists in AWS Lambda base images utilizing stdlib. Specifically, when validating a certificate chain with multiple email address constraints that share common local portions but differ in domain portions, the constraints are not correctly applied. Only the last constraint in the chain is considered during verification.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Certificate Validation

Weakness Enumeration

CWE-295

Related Identifiers

ALSA-2026:19022
ALSA-2026:19181
ALSA-2026:8842
AZL-79613
AZL-79628
BDU:2026-04124
BIT-GOLANG-2026-27137
CLEANSTART-2026-AB43319
CLEANSTART-2026-AT12816
CLEANSTART-2026-BC17682
CLEANSTART-2026-BH97849
CLEANSTART-2026-FM44162
CLEANSTART-2026-GI67088
CLEANSTART-2026-GM63718
CLEANSTART-2026-GQ03231
CLEANSTART-2026-HA09227
CLEANSTART-2026-HJ72983
CLEANSTART-2026-JM96857
CLEANSTART-2026-KR58137
CLEANSTART-2026-LA67881
CLEANSTART-2026-MX70474
CLEANSTART-2026-ON62368
CLEANSTART-2026-PS51260
CLEANSTART-2026-QO29688
CLEANSTART-2026-RR25843
CLEANSTART-2026-SP88135
CLEANSTART-2026-SR26977
CLEANSTART-2026-TC31671
CLEANSTART-2026-TM31143
CLEANSTART-2026-UG20989
CLEANSTART-2026-UI21589
CLEANSTART-2026-UY60586
CVE-2026-27137
GO-2026-4599
OPENSUSE-SU-2026:10299-1
OPENSUSE-SU-2026:10909-1
OPENSUSE-SU-2026:20342-1
OPENSUSE-SU-2026:20537-1
RHSA-2026:10169
RHSA-2026:10929
RHSA-2026:7291
RHSA-2026:8842
SUSE-SU-2026:0876-1
SUSE-SU-2026:0976-1
SUSE-SU-2026:0993-1
SUSE-SU-2026:1042-1
SUSE-SU-2026:21195-1

Affected Products

Aws-Lambda