Amazonsagemakerpythonsdk Aws
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Amazonsagemakerpythonsdk Aws.
By the Year
In 2026 there have been 2 vulnerabilities in Amazonsagemakerpythonsdk Aws with an average score of 7.2 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 7.20 |
It may take a day or so for new Aws vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Amazonsagemakerpythonsdk Aws Security Vulnerabilities
Amazon SageMaker SDK v2/v3 Remote Code Exec via Unverified Triton Inference
CVE-2026-8597
7.2 - High
- May 14, 2026
Missing integrity verification in the Triton inference handler in Amazon SageMaker Python SDK v2 before v2.257.2 and v3 before v3.8.0 might allow a remote authenticated actor to achieve code execution in inference containers via replacement of model artifacts in S3 with a specially crafted pickle payload that is deserialized without verification. This issue requires a remote authenticated actor with S3 write access to the model artifact path. To remediate this issue, we recommend upgrading to Amazon SageMaker Python SDK v2.257.2 or v3.8.0 and rebuild any Triton models previously created with ModelBuilder using the updated SDK.
Improper Validation of Integrity Check Value
Cleartext Sensitive Info in SageMaker Python SDK <v2.257.2/v3<3.8.0
CVE-2026-8596
7.2 - High
- May 14, 2026
Cleartext storage of sensitive information in the ModelBuilder/Serve component in Amazon SageMaker Python SDK before v2.257.2 and v3 before v3.8.0 might allow a remote authenticated actor to extract the HMAC signing key from SageMaker API responses and forge valid integrity signatures for specially crafted model artifacts, achieving code execution in inference containers. This issue requires a remote authenticated actor with permissions to call SageMaker describe APIs and S3 write access to the model artifact path. To remediate this issue, we recommend upgrading to Amazon SageMaker Python SDK v2.257.2 or v3.8.0 and rebuild any models previously created with ModelBuilder using the updated SDK.
Cleartext Storage of Sensitive Information
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Amazonsagemakerpythonsdk Aws or by Amazonsagemakerpythonsdk? Click the Watch button to subscribe.
