3 matches found
CVE-2026-5709
Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio RES version 2024.10 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands on the cluster-manager EC2 instance via crafted input when using the FileBrowser functionality. To remediat...
CVE-2026-5709 AWS Research and Engineering Studio (RES) FileBrowser Command Injection
Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio RES version 2024.10 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands on the cluster-manager EC2 instance via crafted input when using the FileBrowser functionality. To remediat...
CVE-2025-12815
An ownership verification issue in the Virtual Desktop preview page in the Research and Engineering Studio RES on AWS before version 2025.09 may allow an authenticated remote user to view another user's active desktop session metadata, including periodical desktop preview screenshots. To mitigate...