Threats Tagged 'cve-2026-6912'
View all threats tagged with 'cve-2026-6912'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-6912'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-6912: CWE-915 Improperly controlled modification of Dynamically-Determined object attributes in AWS AWS Ops WheelCVE-2026-6912 0 CVE-2026-6912 is a high-severity vulnerability in AWS Ops Wheel affecting the Cognito User Pool configuration. It allows remote authenticated users to escalate privileges to deployment admin by exploiting improper control over dynamically-determined object attributes via a crafted UpdateUserAttributes API call. This enables attackers to set the custom:deployment_admin attribute and manage Cognito user accounts. The vulnerability is present before pull request #165 and affects version 0 of AWS Ops Wheel. AWS manages remediation for this cloud service and has released a fix. Users should redeploy from the updated repository and patch any forked or derivative code accordingly. Join the discussion | CVE Database V5 | 04/24/2026, 16:11:45 UTC Added: 04/24/2026, 17:06:05 UTC |
Showing 1 to 1 of 1 result