CVE-2026-47074— ex_aws_sns SigningCertURL not validated in verify_message/1
Affected Version Matrix 2
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ex-aws | ex_aws_sns | 2.0.1< 2.3.5 | affected |
a7ec21880943f4dac1d59bda557db0ffcd2b61fa< 1853d280b152d10384a1e21a22cf22152a60be48 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-47074
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ex_aws_sns SigningCertURL not validated in verify_message/1
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper Certificate Validation vulnerability in ex-aws ex_aws_sns (ExAws.SNS, ExAws.SNS.PublicKeyCache modules) allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/ex_aws/sns.ex, lib/ex_aws/sns/public_key_cache.ex and program routines 'Elixir.ExAws.SNS':verify_message/1, 'Elixir.ExAws.SNS.PublicKeyCache':get/1. 'Elixir.ExAws.SNS':verify_message/1 fetches the signing certificate from the SigningCertURL field of the incoming SNS message without validating that the URL uses HTTPS or that the host matches an AWS-owned SNS certificate domain. An unauthenticated attacker who can POST to an endpoint that calls verify_message/1 can supply an attacker-controlled SigningCertURL, sign a forged SNS message with their own key, and cause the function to return :ok, completely bypassing SNS signature verification. This issue affects ex_aws_sns: from 2.0.1 before 2.3.5.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
证书验证不恰当
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| ex-aws | ex_aws_sns | 2.0.1 ~ 2.3.5 | cpe:2.3:a:ex_aws_sns_project:ex_aws_sns:*:*:*:*:*:*:*:* | |
| ex-aws | ex_aws_sns | a7ec21880943f4dac1d59bda557db0ffcd2b61fa ~ 1853d280b152d10384a1e21a22cf22152a60be48 | cpe:2.3:a:ex_aws_sns_project:ex_aws_sns:*:*:*:*:*:*:*:* |
II. Public POCs for CVE-2026-47074
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-47074
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-47074 (2)
Other References for CVE-2026-47074 (1)
- 🔗 EEF-CVE-2026-47074 - OSVrelated
IV. Related Vulnerabilities
Same weakness: CWE-295
- CVE-2026-42790
nameConstraints DNS bypass via subject CommonName fallback i - CVE-2026-42791
OCSP responder certificate validity period not checked in pu - CVE-2026-42789
Non-CA certificate accepted as intermediate issuer in public - CVE-2026-44213
OpenTelemetry.Exporter.Instana bypasses TLS certificate vali - CVE-2026-42012
Gnutls: gnutls: certificate validation bypass due to imprope
V. Comments for CVE-2026-47074
No comments yet