Aws Api Mcp Server
Approved changes feed: RSS · Atom
cpe:2.3:a:aws:aws_api_mcp_server:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Aws (e6707f00-6abb-51df-808c-9e3417305027) |
|---|---|
| Product | Aws Api Mcp Server (01209dc2-502f-541d-8e96-3075da16e2b1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-4270 |
vulnerable | 2026-06-03 15:26:25.077929 |
AWS API MCP File Access Restriction Bypass
MEDIUM (5.5)
Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client application context.
To remediate this issue, users should upgrade to version 1.3.9.
Published: 2026-03-16T16:07:53.324Z
Updated: 2026-03-16T18:17:17.927Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.