Res Aws Res

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Aws Res.

By the Year

In 2026 there have been 1 vulnerability in Aws Res with an average score of 6.5 out of ten.

Year Vulnerabilities Average Score
2026 1 6.50

It may take a day or so for new Res vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Aws Res Security Vulnerabilities

Auth.GetUserPrivateKey API CWE-59 in AWS RES <2026.06: Improper Link Res
CVE-2026-14904 6.5 - Medium - July 07, 2026

AWS Research and Engineering Studio (RES) is an open-source solution that enables researchers and engineers to create and manage secure virtual desktops and computing resources on AWS. Improper link resolution before file access issue (CWE-59) in the Auth.GetUserPrivateKey API. An authenticated remote user could read arbitrary files on the cluster-manager EC2 instance by replacing their SSH private key file (~/.ssh/id_rsa) with a symbolic link targeting any file on the host. Because the cluster-manager process runs as root, any file readable by root is exposed, including other users' SSH private keys and application configuration secrets. It's recommended to upgrade to RES version 2026.06.

insecure temporary file

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Aws Res or by Aws? Click the Watch button to subscribe.

Aws
Vendor

Aws Res
Product

subscribe