Vulnerability in Ex-aws Ex_aws_sns

CVE-2026-47074

Improper Certificate Validation vulnerability in ex-aws ex_aws_sns (ExAws.SNS, ExAws.SNS.PublicKeyCache modules) allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/ex_aws/sns.ex, lib/…

Vulnerability class: Improper Certificate Validation

EPSS: 0.000 (14.0th percentile) — read the EPSS interpretation.

Affected products

Ex-aws Ex_aws_sns — versions 2.0.1, a7ec21880943f4dac1d59bda557db0ffcd2b61fa

Weakness classification (CWE)

CWE-295 — Improper Certificate Validation

References

6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (patch)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related, vendor-advisory)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)