Is Memory Corruption affected by CVE-2026-35559?

Amazon Athena ODBC driver versions prior to 2.1.0.0 contain an out-of-bounds write vulnerability that allows remote attackers to crash the driver when users process specially crafted query data, disrupting analytics workflows and data access for organizations relying on Athena for business…

CVE-2026-35559

EUVD-2026-18853 HIGH

2026-04-03 AMZN

7.1

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

EUVD ID Assigned

Apr 03, 2026 - 20:45 euvd

EUVD-2026-18853

Analysis Generated

Apr 03, 2026 - 20:45 vuln.today

Patch Released

Apr 03, 2026 - 20:45 nvd

Patch available

CVE Published

Apr 03, 2026 - 20:13 nvd

HIGH 7.1

Description

Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to crash the driver by using specially crafted data that is processed by the driver during query operations. To remediate this issue, users should upgrade to version 2.1.0.0.

Analysis

Out-of-bounds write vulnerability in Amazon Athena ODBC driver (pre-2.1.0.0) allows remote attackers to crash the driver through specially crafted query data, requiring user interaction to process malicious queries. Affected versions include all Amazon Athena ODBC driver releases before 2.1.0.0 across Windows, Linux, and macOS platforms. …

Remediation

Within 24 hours: Identify all systems running Amazon Athena ODBC driver versions before 2.1.0.0 using asset inventory and driver version audits. Within 7 days: Deploy vendor-released patch version 2.1.0.0 across all affected platforms (Windows, Linux, macOS) using the direct download links provided in AWS security bulletin 2026-013, prioritizing systems in production analytics environments. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +36

POC: 0

CVE-2026-35559 vulnerability details – vuln.today

Back

CVE-2026-35559

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-35559

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code