What is CVE-2026-8178?

CVE-2026-8178 is a high-severity vulnerability in Amazon Redshift Jdbc Driver, classified under Use of Externally-Controlled Input to Select Classes or Code (Unsafe Reflection). CVSS score: 8.1/10. Published 2026-05-08.

How severe is CVE-2026-8178?

High severity. CVSS v3 base score is 8.1 out of 10.

Vulnerability in Amazon Redshift Jdbc Driver

CVE-2026-8178

An issue exists in Amazon Redshift JDBC Driver versions prior to 2.2.2. Under certain conditions, the driver could load and execute arbitrary classes when processing JDBC connection URL parameters. An actor who can influence the connection…

EPSS: 0.000 (8.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Amazon Redshift Jdbc Driver — versions 2.2.2

Weakness classification (CWE)

CWE-470 — Use of Externally-Controlled Input to Select Classes or Code (Unsafe Reflection)

References

ff89ba41-3aa1-4d27-914a-91399e9639e5 (patch)
ff89ba41-3aa1-4d27-914a-91399e9639e5 (vendor-advisory)
ff89ba41-3aa1-4d27-914a-91399e9639e5 (third-party-advisory)

Frequently asked questions

What is CVE-2026-8178?: CVE-2026-8178 is a high-severity vulnerability in Amazon Redshift Jdbc Driver, classified under Use of Externally-Controlled Input to Select Classes or Code (Unsafe Reflection). CVSS score: 8.1/10. Published 2026-05-08.
How severe is CVE-2026-8178?: High severity. CVSS v3 base score is 8.1 out of 10.