3 matches found
CVE-2026-5708
CVE-2026-5708 concerns AWS Research and Engineering Studio (RES) prior to version 2026.03, where the session creation component allows unsanitized control of user-modifiable attributes. An authenticated remote user could escalate privileges, assume the virtual desktop host instance profile permis...
CVE-2026-5707
Technical details (vulnerable component, root cause, affected versions, exploitation) are not publicly provided in the supplied documents. Monitor for updates.
CVE-2026-5709
The CVE-2026-5709 entry describes an unsanitized input issue in the FileBrowser API of AWS Research and Engineering Studio (RES) affecting versions 2024.10 through 2025.12.01. A remote authenticated actor could execute arbitrary commands on the cluster-manager EC2 instance via crafted input when ...