Critical AWS Ops Wheel Flaws Enable Admin Takeover via JWT Forgery and Cognito Abuse
AWS disclosed two severe vulnerabilities in AWS Ops Wheel that can let attackers seize administrative control of deployments and manipulate tenant data. CVE-2026-6911 is an authentication bypass caused by missing JWT signature verification at the API Gateway endpoint, allowing unauthenticated attackers to forge tokens and gain unintended admin access. AWS said successful exploitation could let attackers read, modify, and delete application data across tenants and manage Cognito user accounts in the deployment's User Pool; the flaw is tracked as CWE-347 and carries a critical CVSS v3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H rating.
AWS also fixed CVE-2026-6912, a privilege-escalation issue in Ops Wheel's Cognito User Pool configuration that let authenticated users promote themselves to deployment administrator by setting the custom:deployment_admin attribute through the UpdateUserAttributes API. The bug, classified as CWE-915, exposed the same ability to manage Cognito user accounts and carried a high-severity CVSS v3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H score. AWS directed customers to redeploy from the updated repository and apply the fixes to any forked or derivative code, with patches referenced in an AWS security bulletin, a GitHub pull request, and a GitHub security advisory.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
CVE-2026-6911 and CVE-2026-6912 are publicly recorded
On April 24, 2026, CVE records were published for two AWS Ops Wheel vulnerabilities: CVE-2026-6911, an authentication bypass via missing JWT signature verification, and CVE-2026-6912, a privilege-escalation flaw involving a self-writable Cognito custom attribute. The disclosures described potential impact including cross-tenant data access and Cognito user account management.
AWS fixes two privilege flaws in AWS Ops Wheel before pull request #165
AWS released updated AWS Ops Wheel code addressing two issues: missing JWT signature verification that allowed unauthenticated admin access, and a Cognito custom attribute misconfiguration that allowed authenticated users to escalate to deployment administrator. AWS advised customers to redeploy from the updated repository and patch any forked or derivative code.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
CVE-2026-6912 - Privilege Escalation via Self-Writable Cognito Custom Attribute in AWS Ops Wheel
cvefeed.io
Open sourceCVE-2026-6911 - Authentication Bypass via Missing JWT Signature Verification in AWS Ops Wheel
cvefeed.io
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
AWS Ops Wheel v2 flaws enabled admin takeover via JWT forgery and Cognito abuse
AWS disclosed two critical vulnerabilities in **AWS Ops Wheel v2** that could let attackers seize full administrative control of customer deployments. **CVE-2026-6911** stems from missing cryptographic verification of JWT signatures in the v2 API, allowing an unauthenticated attacker with network access to the API Gateway endpoint to forge tokens with arbitrary tenant and administrator claims. The flaw could expose all application data across tenants and permit management of Amazon Cognito user accounts; it affects deployments built from **PR #147 through PR #163**, while v1 is not affected. GitHub advisory **`GHSA-v5vr-8w3c-37x2`** says the issue was fixed in **PR #164**, and temporary mitigations include restricting API Gateway access with **AWS WAF** or **VPC** controls. A second issue, **CVE-2026-6912**, allowed any authenticated user to escalate privileges by modifying self-writable security-sensitive Cognito attributes such as `custom:deployment_admin` through the Cognito `UpdateUserAttributes` API. An attacker could promote their own account to deployment administrator, then read, modify, or delete cross-tenant data and manage all users in the deployment’s Cognito User Pool. That flaw affects the same **PR #147-#163** range and was fixed in **PR #165** by tightening Cognito `WriteAttributes` and adding server-side email verification tied to `DEPLOYMENT_ADMIN_EMAILS`. Because Ops Wheel is deployed into customer AWS accounts through CloudFormation, each affected deployment and any forks or derivative code must be individually updated.
Jun 29, 2026
AWS Research and Engineering Studio Flaws Enable Root Command Execution and AWS Privilege Escalation
AWS disclosed two high-severity vulnerabilities in **Research and Engineering Studio (RES)** that affect releases from `2025.03` through versions prior to `2026.03`. The first, **`CVE-2026-5707`**, is a `CWE-78` command injection flaw in virtual desktop session name handling that could let a remote authenticated attacker execute arbitrary commands as **root** on a virtual desktop host by supplying a crafted session name. The issue carries a CVSS v3.1 rating of `AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H`, reflecting high impact across confidentiality, integrity, and availability. AWS also disclosed **`CVE-2026-5708`**, a `CWE-915` privilege-escalation flaw in the RES `CreateSession` API caused by improper control of user-modifiable attributes. An authenticated attacker could use a crafted API request to escalate privileges, assume the virtual desktop host instance profile permissions, and access AWS resources and services. AWS directed customers to upgrade to **RES `2026.03`** or apply the vendor mitigation patch, with details published through an AWS security bulletin, a GitHub issue, and the RES `2026.03` release notes.
Jun 29, 2026
AWS discloses multiple flaws across SageMaker, Redshift, RabbitMQ, Braket, and WorkSpaces
AWS published a series of security bulletins covering vulnerabilities across several products and SDKs, including **model artifact integrity verification issues** in the Amazon SageMaker Python SDK (`CVE-2026-8596`, `CVE-2026-8597`), a **heap out-of-bounds read** in `coreMQTT` MQTT5 property parsing (`CVE-2026-8686`), and a **remote code execution** flaw in the `amazon-redshift-python-driver` (`CVE-2026-8838`). The company also disclosed an **arbitrary file read** issue in the `rabbitmq-aws` plugin (`CVE-2026-9133`), **tool execution without authorization via piped stdin** in Kiro CLI (`CVE-2026-9255`), and **insecure deserialization** in Amazon Braket SDK job results processing (`CVE-2026-9291`). A separate advisory addressed **improper authentication token handling** in the Amazon WorkSpaces client for Linux. Taken together, the disclosures span cloud development tools, messaging components, data platforms, quantum-computing SDKs, and end-user clients, indicating a broad patching requirement for organizations using AWS software. Security teams should identify affected packages and clients in their environments and prioritize remediation for flaws that could enable **remote code execution, unauthorized actions, file disclosure, or unsafe processing of untrusted data**.
Jun 30, 2026