CVE-2026-35559
Out-of-Bounds Write in Amazon Athena ODBC Driver Causes Crash
Publication date: 2026-04-03
Last updated on: 2026-04-14
Assigner: AMZN
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amazon | athena_odbc | to 2.1.0.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds write issue in the query processing components of the Amazon Athena ODBC driver versions before 2.1.0.0. It occurs when the driver processes specially crafted data during query operations, which can cause the driver to crash.
How can this vulnerability impact me? :
The primary impact of this vulnerability is that a threat actor can cause the Amazon Athena ODBC driver to crash by sending specially crafted data during query processing. This can lead to denial of service or disruption of database query operations.
What immediate steps should I take to mitigate this vulnerability?
To remediate this issue, users should upgrade the Amazon Athena ODBC driver to version 2.1.0.0 or later.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.