{"id":"CVE-2026-14904","summary":"RES Auth.GetUserPrivateKey Arbitrary File Read","details":"AWS Research and Engineering Studio (RES) is an open-source solution that enables researchers and engineers to create and manage secure virtual desktops and computing resources on AWS.\n\n\n\nImproper link resolution before file access issue (CWE-59) in the Auth.GetUserPrivateKey API. An authenticated remote user could read arbitrary files on the cluster-manager EC2 instance by replacing their SSH private key file (~/.ssh/id_rsa) with a symbolic link targeting any file on the host. Because the cluster-manager process runs as root, any file readable by root is exposed, including other users' SSH private keys and application configuration secrets.\n\n\n\nIt's recommended to upgrade to RES version 2026.06.","modified":"2026-07-10T03:54:11.754383717Z","published":"2026-07-07T16:37:58.362Z","database_specific":{"cna_assigner":"AMZN","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/14xxx/CVE-2026-14904.json","cwe_ids":["CWE-59"]},"references":[{"type":"ADVISORY","url":"https://aws.amazon.com/security/security-bulletins/2026-053-aws/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/14xxx/CVE-2026-14904.json"},{"type":"ADVISORY","url":"https://github.com/aws/res/releases/tag/2026.06"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-14904"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/aws/res","events":[{"introduced":"0"},{"fixed":"1f526a241fb293a29fb018f08ccf81c100c05a42"}],"database_specific":{"source":["AFFECTED_FIELD","REFERENCES"],"extracted_events":[{"introduced":"0"},{"last_affected":"2026.03"}]}}],"versions":["2026.03","2025.12.01","2025.12","2025.09","2025.06.01","2025.06","2025.03","2024.12.01","2024.12","2024.10","2024.08","2024.04.02","2024.04.01","2024.04","2024.01.01","2024.01","2023.11"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-14904.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"}]}