Is there a patch available for CVE-2026-8597?

Yes, a patch is available for CVE-2026-8597. Update the affected software to the latest version immediately.

Amazon SageMaker Python SDK CVE-2026-8597

Q: What is the CVSS score of CVE-2026-8597?

CVE-2026-8597 has a CVSS 4.0 base score of 6.4 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

EUVD-2026-30423 MEDIUM

Improper Validation of Integrity Check Value (CWE-354)

2026-05-14 AMZN

GHSA-rq6v-x3j8-7qgf

RCE Python

6.4

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Lifecycle Timeline

Source Code Evidence Fetched

May 14, 2026 - 20:30 vuln.today

Analysis Generated

May 14, 2026 - 20:30 vuln.today

Severity Changed

May 14, 2026 - 20:22 NVD

HIGH MEDIUM

CVSS changed

May 14, 2026 - 20:22 NVD

7.2 (HIGH) 6.4 (MEDIUM)

CVE Published

May 14, 2026 - 19:37 nvd

MEDIUM 6.4

Blast Radius

ecosystem impact

† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth

5 pypi packages depend on sagemaker (5 direct, 0 indirect)

Ecosystem-wide dependent count for version 2.199.0.

DescriptionNVD

Missing integrity verification in the Triton inference handler in Amazon SageMaker Python SDK v2 before v2.257.2 and v3 before v3.8.0 might allow a remote authenticated actor to achieve code execution in inference containers via replacement of model artifacts in S3 with a specially crafted pickle payload that is deserialized without verification. This issue requires a remote authenticated actor with S3 write access to the model artifact path.

To remediate this issue, we recommend upgrading to Amazon SageMaker Python SDK v2.257.2 or v3.8.0 and rebuild any Triton models previously created with ModelBuilder using the updated SDK.

AnalysisAI

Remote authenticated actors with S3 write access can achieve code execution in Amazon SageMaker Triton inference containers by replacing model artifacts with malicious pickle payloads that are deserialized without integrity verification. Affected versions are SDK v2 before v2.257.2 and v3 before v3.8.0. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-8597 vulnerability details – vuln.today

Back

Amazon SageMaker Python SDK CVE-2026-8597

CVSS VectorNVD

Lifecycle Timeline

Blast Radius

DescriptionNVD

AnalysisAI

Analysis

Full analysis requires sign-in

Share

Amazon SageMaker Python SDK CVE-2026-8597

CVSS VectorNVD

Lifecycle Timeline

Blast Radius

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code