Primary

Context

AWS Aurora PostgreSQL Wrappers Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in AWS Wrappers for Amazon Aurora PostgreSQL. This issue allows a low-privilege authenticated user to create a crafted function that could be executed with the permissions of other Amazon RDS users, potentially escalating privileges to the rds_superuser role.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a user to gain rds_superuser rights on the database.

Remediation

Users are advised to upgrade to the following versions: AWS JDBC Wrapper v2.6.5, AWS Go Wrapper 2025-10-17, AWS NodeJS Wrapper v2.0.1, AWS Python Wrapper v1.4.0, and AWS PGSQL ODBC driver v1.0.1.

Added: Nov 10, 2025, 6:19 PM

Updated: Nov 10, 2025, 7:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AWS Aurora PostgreSQL Wrappers Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating