CVE-2026-35559 MEDIUM

CVE-2026-35559: Out-of-bounds write in query processing components in Amazon Athena ODBC driver

Weakness CWE-787
Published April 3, 2026
Last update April 7, 2026

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to crash the driver by using specially crafted data that is processed by the driver during query operations. To remediate this issue, users should upgrade to version 2.1.0.0.

Key dates

02Disclosure timeline

April 3, 2026 CVE published
April 7, 2026 Record updated