What is CVE-2026-11401?

CVE-2026-11401 is a high-severity vulnerability, classified under Untrusted Search Path. CVSS score: 8.0/10. Published 2026-06-05.

How severe is CVE-2026-11401?

High severity. CVSS v3 base score is 8.0 out of 10.

CVE-2026-11401

CVE-2026-11401

An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, includ…

CVSS v3 metric

CVSS v3 base score 8.0 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.

Weakness classification (CWE)

CWE-426 — Untrusted Search Path

References

ff89ba41-3aa1-4d27-914a-91399e9639e5
ff89ba41-3aa1-4d27-914a-91399e9639e5
ff89ba41-3aa1-4d27-914a-91399e9639e5

Frequently asked questions

What is CVE-2026-11401?: CVE-2026-11401 is a high-severity vulnerability, classified under Untrusted Search Path. CVSS score: 8.0/10. Published 2026-06-05.
How severe is CVE-2026-11401?: High severity. CVSS v3 base score is 8.0 out of 10.