CVE-2026-7791

Daily digests

The Skylight Workspace Config Service in Amazon WorkSpaces for Windows has a flaw in its log rotation. A local non-admin user can plant arbitrary files in arbitrary locations, bypassing file system permissions, and escalate all the way to SYSTEM. You need local access, but no admin rights, so this is a real concern on any WorkSpaces desktop.

• Daily Digest · May 5, 2026

  Linux ksmbd RCE (9.8) + 4 more to review