Skip to content
Threat Feed

Tag

Rds

10 briefs RSS
critical advisory

CVE-2026-46840 - Oracle REST Data Services Takeover Vulnerability

CVE-2026-46840 is a critical vulnerability in Oracle REST Data Services (ORDS) that allows an unauthenticated attacker with network access to achieve complete takeover of the service, potentially impacting additional products due to scope change.

REST Data Services oracle rds rest vulnerability cve-2026-46840 takeover
2r 1c
medium advisory

AWS RDS DB Snapshot Shared with Another Account

An AWS RDS DB snapshot is shared with another AWS account or made public, potentially enabling unauthorized access, offline analysis, or data exfiltration by allowing adversaries to restore the snapshot in their controlled infrastructure.

AWS RDS aws rds snapshot exfiltration
2r 1t
medium advisory

AWS RDS DB Instance or Cluster Deletion Protection Disabled

An adversary may disable deletion protection on an AWS RDS DB instance or cluster as a precursor to destructive actions, such as deleting databases containing sensitive data.

AWS RDS cloud aws rds datadestruction
2r 2t
medium advisory

AWS RDS Snapshot Deletion Detected

The deletion of AWS RDS DB snapshots or disabling backups via configuration changes can inhibit recovery, destroy forensic evidence, and prepare for destructive actions by adversaries.

Amazon RDS aws rds snapshot backup datadestruction
3r 2t
medium advisory

AWS RDS DB Instance Made Public

An attacker with compromised AWS credentials may modify an Amazon RDS DB instance or cluster to be publicly accessible for persistence, data exfiltration, or to bypass network restrictions.

AWS RDS cloud aws rds persistence defense_evasion
2r 3t
medium advisory

AWS RDS DB Instance or Cluster Password Modification

The modification of the master password for an AWS RDS DB instance or cluster can indicate malicious activity used for persistence, privilege escalation, or defense evasion.

RDS cloud aws persistence
2r 3t
medium advisory

AWS RDS DB Instance Restored for Defense Evasion or Data Collection

Detection of AWS RDS database instance restoration from a snapshot or S3 backup, potentially indicating unauthorized data access, defense evasion, or data collection by adversaries recreating database environments to bypass controls or exfiltrate sensitive data.

RDS cloud aws defense-evasion data-collection
3r 3t
medium advisory

AWS RDS Snapshot Export to S3 for Potential Data Exfiltration

An adversary may export RDS snapshots to Amazon S3 to exfiltrate sensitive data outside of RDS-managed storage, potentially bypassing database access controls and leading to unauthorized data theft.

RDS +1 aws s3 exfiltration cloudtrail
2r 1t
medium advisory

AWS RDS DB Instance or Cluster Deleted

An adversary with sufficient permissions may delete RDS resources such as DB instances or clusters to impede recovery, destroy evidence, or inflict operational impact on the environment.

Amazon RDS +1 cloud aws rds datadestruction
2r 1t
high advisory

AWS RDS Master User Password Reset Detection

Detection of unauthorized master user password resets for Amazon RDS DB instances via AWS CloudTrail logs, potentially leading to sensitive data access and data breaches.

Amazon RDS cloud aws credential-access rds
2r 2t