CVE Vulnerabilities

CVE-2026-1778

Improper Certificate Validation

Published: Feb 02, 2026 | Modified: Feb 03, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model is imported, incorrectly allowing for requests with invalid and self-signed certificates to succeed.

Weakness

The product does not validate, or incorrectly validates, a certificate.

Potential Mitigations

References