Issue with Amazon SageMaker Python SDK - Model artifact integrity verification issues (CVE-2026-8596 &: CVE-2026-8597)
criticalvulnerability
security
Source: AWS Security BulletinsMay 14, 2026
Summary
Amazon SageMaker Python SDK has two critical vulnerabilities in its model deployment tools. CVE-2026-8596 exposes an encryption key as plaintext in APIs, allowing attackers to forge signatures and run malicious code, while CVE-2026-8597 skips integrity checks when loading model files, letting attackers replace them with malicious code that executes without verification. Both vulnerabilities require the attacker to have certain AWS permissions and access to model storage.
Classification
Attack Type
Model TheftSupply Chain
Attack SophisticationModerate
Impact (CIA+S)
confidentiality
Affected Vendors
Amazon
Related Issues
Monthly digest — independent AI security research
Original source: https://aws.amazon.com/security/security-bulletins/rss/2026-031-aws/
First tracked: May 14, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 95%