EUVD-2026-18859
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Tags
Description
Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this issue, users should upgrade to version 2.1.0.0.
Analysis
Resource exhaustion in Amazon Athena ODBC driver versions prior to 2.1.0.0 allows unauthenticated remote attackers to trigger denial of service through maliciously crafted input that overwhelms parsing logic. CVSS 7.5 (High) reflects network-accessible attack vector with low complexity and no prerequisites. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all systems running Amazon Athena ODBC driver versions prior to 2.1.0.0 across Windows, Linux, and macOS endpoints. Within 7 days: Deploy vendor-released patch to version 2.1.0.0 or later on all affected systems; test in non-production environments first. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today