PT-2026-33829 · Amazon · AWS Encryption SDK for Python

1Seal.Org · Published 2026-04-20 · Updated 2026-04-24 · CVE-2026-6550

CVSS v3.1: 4.7 (Medium)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Amazon AWS Encryption SDK for Python versions prior to 3.3.1

Amazon AWS Encryption SDK for Python versions prior to 4.0.5

Description

A cryptographic algorithm downgrade in the caching layer may allow an authenticated local threat actor to bypass key commitment policy enforcement via a shared key cache. This can result in ciphertext that can be decrypted to multiple different plaintexts.

Recommendations

Upgrade to version 3.3.1 or above.

Upgrade to version 4.0.5 or above.

Fix

Weakness Enumeration

Related Identifiers

CVE-2026-6550
GHSA-V638-38FC-RHFV

Affected Products

AWS Encryption SDK for Python