ALAS2-2026-3248 — Vulnetix

ALAS2-2026-3248 PUBLISHED

Affected Products

Vendor	Product	Versions
Amazon	amazon-cloudwatch-agent

Exploit Intelligence

gRPC-Go RBAC Authorization Policy Bypass via Missing `:path` Slash (Auth Bypass) (github-poc-repo)
gRPC-Go RBAC Authorization Policy Bypass via Missing `:path` Slash (Auth Bypass) (github-poc)
sec-build.yaml (github-poc)
integ.all-options.ts (github-poc)
GO-2026-4762.json (github-poc)
CHANGELOG-v1.75.3.yml (github-poc)
CHANGELOG-v1.75.2.yml (github-poc)
.image-gitlab-ci.yml (github-poc)
CHANGELOG-v1.75.4.yml (github-poc)
.trivyignore.image.yaml (github-poc)

…and 18 more exploits

Timeline

Apr 14, 2026 CVE Published

References

ALAS2-2026-3248: amazon-cloudwatch-agent (important) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›