CVE-2026-11400
Awaiting Analysis Awaiting Analysis - Queue
Privilege Escalation in AWS Advanced JDBC Wrapper

Publication date: 2026-06-05

Last updated on: 2026-06-05

Assigner: AMZN

Description
An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rds_superuser, via a crafted function created by the actor that runs when that user connects to the cluster through an affected wrapper. To remediate this issue, users should upgrade to AWS Advanced JDBC Wrapper version 4.0.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-05
Last Modified
2026-06-05
Generated
2026-06-27
AI Q&A
2026-06-05
EPSS Evaluated
2026-06-25
NVD
CVE-2026-11400
EUVD
EUVD-2026-34900
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
amazon aws_advanced_jdbc_wrapper 4.0.1
amazon aws_advanced_go_wrapper to 2026-04-06 (exc)
amazon aws_advanced_go_wrapper 2026-05-26
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-426 The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an untrusted search path issue in the GlobalDatabasePlugin of the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL. It allows a remote authenticated user with low privileges to escalate their privileges to those of another Amazon RDS user, including the highly privileged rds_superuser role. This escalation is achieved by the attacker creating a crafted function that executes when the targeted user connects to the database cluster through the affected JDBC wrapper.

Compliance Impact

The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Detection Guidance

This vulnerability involves an untrusted search path issue in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL that allows privilege escalation via a crafted function executed when connecting to the cluster.

Detection would involve identifying usage of vulnerable versions of the AWS Advanced JDBC Wrapper (prior to version 4.0.1) in your environment and monitoring for suspicious function creations or privilege escalations in the database.

Since the vulnerability is triggered by a crafted function created by a low-privilege authenticated user, you can audit database logs for creation of unusual or unauthorized functions, especially those executed upon user connection.

  • Check the version of AWS Advanced JDBC Wrapper in use to confirm if it is older than 4.0.1.
  • In PostgreSQL, list functions created by users with commands like: \df+
  • Audit PostgreSQL logs for CREATE FUNCTION statements or unusual function executions.
  • Monitor database connection logs for unexpected privilege escalations or errors related to the JDBC wrapper.

No specific detection commands are provided in the available resources, but general PostgreSQL auditing and version checks of the AWS Advanced JDBC Wrapper are recommended.

Impact Analysis

The impact of this vulnerability is significant because it enables a low-privilege authenticated user to gain elevated privileges, potentially full administrative access (rds_superuser) within the Amazon RDS environment. This could allow the attacker to perform unauthorized actions such as modifying data, changing configurations, or accessing sensitive information, thereby compromising the security and integrity of the database.

Mitigation Strategies

To mitigate this vulnerability, users should upgrade to AWS Advanced JDBC Wrapper version 4.0.1.

The version 4.0.1 release addresses several critical issues related to CVE-2026-11400, including fixes that improve security and stability of the wrapper.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-11400. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart