AWS SageMaker SDK HMAC Secret Stored in Plaintext Leading to RCE (CVE-2025-8596)

github.com 2026-05-22查看中文 →

Security AdvisoryCVE-2025-8596HighAWS

Affected:

Amazon SageMaker Python SDK v2.199.0 - v2.257.1
Amazon SageMaker Python SDK v3.0.0 - v3.7.1

Fixed in:

v2.257.2
v3.8.0

Referenced CVEs: CVE-2026-8596 · 7.2

文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive

This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.

More from this source

SQL Injection Vulnerability Fix Analysis in PublishAuditAPIImpl 2026-05-27 HTTP-Daemon send_file() 2-arg open() Shell Injection Vulnerability Fix (CVE-2026-8450) 2026-05-27 CVE-2026-8450: Shell-magic Arbitrary File Write and RCE via send_file 2026-05-27 Yoast SEO Plugin Information Disclosure Vulnerability Fix PR 2026-05-27 zipdetails ZIP Parsing Vulnerability and Fix Analysis 2026-05-27

Offline Archive

Offline screenshot & PDF are Pro-exclusive