CVE-2026-47074 | ex-aws ex_aws_sns up to 2.3.4 PublicKeyCache lib/ex_aws/sns.ex SigningCertURL certificate validation (GHSA-8jgf-23q5-x7xx)

May 28, 2026 Yanac

A vulnerability was found in ex-aws ex_aws_sns up to 2.3.4 and classified as problematic. This affects an unknown function in the library lib/ex_aws/sns.ex of the component PublicKeyCache Module. Executing a manipulation of the argument SigningCertURL can lead to improper certificate validation.

This vulnerability appears as CVE-2026-47074. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More