Critical RCE Vulnerability in AWS Amplify Studio PoC Now Public

In May 2025, AWS disclosed a critical remote code execution (RCE) vulnerability, CVE-2025-4318, in the @aws-amplify/codegen-ui package”, a core dependency for AWS Amplify Studio’s UI code generation pipeline. The flaw, rated 9.5 on the CVSS scale, stemmed from improper input validation in the expression-binding logic that processes user-defined JavaScript expressions within UI component schemas. How RCE […] The post Critical RCE Vulnerability in AWS Amplify Studio PoC Now Public appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/rce-vulnerability-in-aws-amplify-studio/