Cybersecurity experts and organizations that rely on Amazon Web Services (AWS) are furious about a new vulnerability. This vulnerability has been assigned CVE-2025-51591. Attackers can exploit this Server-Side Request Forgery (SSRF) vulnerability by injecting HTML iframe elements. This move endangers key federal systems and could have disastrous effects on the overall cloud infrastructure. This vulnerability has a CVSS score of 6.5. It can open the door for bad actors to view sensitive information and use internal applications.
The ramifications of taking advantage of SSRF vulnerabilities in cloud environments such as AWS can be far-reaching. Threat actors can take advantage of these vulnerabilities to steal cloud credentials, perform network reconnaissance, and access internal services without authorization. Here’s what organizations need to do today. For one, they need to require IMDSv2 be used for all EC2 instances in order to guard against potential SSRF-style attacks.
Understanding CVE-2025-51591
The vulnerability is due to how Pandoc renders <iframe> tags in resulting HTML documents. Pandoc is probably the most widely known tool for converting between multiple document formats. Exploitation An attacker can exploit this flaw by simply creating an iframe that targets the AWS Instance Metadata Service (IMDS) server. This stage simplifies data exfiltration from sensitive directories.
“The vulnerability, tracked as CVE-2025-51591, stems from Pandoc rendering