Amazon has disclosed multiple critical vulnerabilities in AWS-LC, its open-source general-purpose cryptographic library. The issues tracked as CVE-2026-3336, CVE-2026-3337, and CVE-2026-3338 can allow attackers to bypass certificate and signature validations or exploit timing side-channel leaks. These flaws impact AWS-LC, aws-lc-sysand aws-lc-sys-fips packages used in various AWS services and third-party integrations for secure communications. Certificate Chain […] The post Amazon AWS-LC Vulnerability Allows Attackers to Bypass Certificate Chain Verification appeared first on Cyber Security News.