Cve-2026-5708

vulnerability 2026-04-07
Three High-Severity Command Injection Flaws in AWS Research and Engineering Studio Give Authenticated Users Root RCE
AWS patches three CVSS 8.8 command injection and privilege escalation bugs in Research and Engineering Studio (RES) — any authenticated user could get root on virtual desktop hosts or the cluster manager.
aws cloud command-injection rce privilege-escalation cve-2026-5707 cve-2026-5708 cve-2026-5709

Three High-Severity Command Injection Flaws in AWS Research and Engineering Studio Give Authenticated Users Root RCE