Threat Advisory

Amazon SageMaker Vulnerability Starts Up Model Structure Adjustment

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

CVE-2026-8596 (CVSS score 8.5) is a vulnerability in the Amazon SageMaker Python SDK ModelBuilder/Serve path in which a sensitive HMAC signing key is stored in cleartext. A remote authenticated actor can extract the key and forge valid integrity signatures for specially crafted model artifacts, achieving code execution in inference containers with the SageMaker execution role's IAM permissions. Exploitation requires the ability to call SageMaker describe APIs and S3 write access to the model artifact path. The business impact is significant and includes data breaches and unauthorized access to sensitive information.
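An added example, not part of the original advisory or the SDK: a defender-side audit that scans DescribeModel-style output for cleartext secret material in container environment variables. It assumes the exposed key appears in the container `Environment` map, which the advisory does not specify; the sample response and the `EXAMPLE_*` names are constructed.

```python
import math
import re

# Constructed sample shaped like a DescribeModel response. The variable
# names and values are invented for this example, not taken from the SDK.
SAMPLE_DESCRIBE_MODEL = {
    "ModelName": "example-model",
    "PrimaryContainer": {
        "ModelDataUrl": "s3://example-bucket/models/example/model.tar.gz",
        "Environment": {
            "EXAMPLE_SIGNING_KEY": "9f2c7a1be4d05836c1aa47f0e3b95d6278c4e1f0a9b3d2c5e6f7081929a3b4c5",
            "EXAMPLE_LOG_LEVEL": "20",
            "EXAMPLE_REGION": "us-east-1",
        },
    },
}

# Heuristics (assumptions of this example): secret-like names, long hex/base64 values.
SECRET_NAME = re.compile(r"(SECRET|KEY|TOKEN|PASSWORD|HMAC)", re.I)
HEX_OR_B64 = re.compile(r"^(?:[0-9a-fA-F]{32,}|[A-Za-z0-9+/=_-]{40,})$")

def shannon_entropy(value):
    """Bits of entropy per character of a non-empty string."""
    counts = {c: value.count(c) for c in set(value)}
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

def find_cleartext_secrets(describe_response):
    """Return (container_index, env_name, reason) for suspicious env values."""
    containers = list(describe_response.get("Containers", []))
    if "PrimaryContainer" in describe_response:
        containers.insert(0, describe_response["PrimaryContainer"])
    findings = []
    for idx, container in enumerate(containers):
        for name, value in container.get("Environment", {}).items():
            reasons = []
            if SECRET_NAME.search(name):
                reasons.append("secret-like name")
            if HEX_OR_B64.match(value) and shannon_entropy(value) >= 3.0:
                reasons.append("high-entropy value")
            if reasons:
                findings.append((idx, name, ", ".join(reasons)))
    return findings

if __name__ == "__main__":
    for finding in find_cleartext_secrets(SAMPLE_DESCRIBE_MODEL):
        print(finding)
```

Any principal allowed to call the describe API can read whatever this audit flags, so a finding on a real model means the value should be treated as exposed.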


RECOMMENDATION:

We recommend updating the Amazon SageMaker Python SDK to the version available below: https://github.com/aws/sagemaker-python-sdk/releases

REFERENCES:

The following report contains further technical details:
https://github.com/advisories/GHSA-7hh5-prp2-mfh5