CVE-2026-4428: Issues with AWS-LC - CRL Distribution Point Scope Check Logic Error

AWS-LC, a cryptographic library maintained by AWS, contains a logic error (CVE-2026-4428) in its X.509 certificate revocation list (CRL) distribution point scope check. The flaw enables improper validation of CRLs, potentially allowing malicious certificates to bypass revocation checks, and it impacts systems that rely on AWS-LC for TLS/SSL validation.

Bulletin ID: 2026-010-AWS
Scope: AWS
Content Type: Important (requires attention)
Publication Date: 2026/03/19 13:30 PM PDT
Description: AWS-LC is a general-purpose cryptographic library maintained by AWS. We identified CVE-2026-4428 affecting X.509 certifi…
