Amazon AWS has disclosed several vulnerabilities in AWS-LC, its open-source cryptographic library. The issues include flaws that could allow certificate verification to be bypassed and weaknesses that may expose encryption timing information. One of the vulnerabilities, CVE-2026-3338, “allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes,” said AWS in…
Everything is ideas, the rest is nature.
