2 matches found
CVE-2026-15415
The CVE-2026-15415 entry concerns the AWS HealthOmics MCP Server (aws-healthomics-mcp-server) before version 0.0.36. The vulnerability is a path traversal in the linting tools that can let an actor who can influence the MCP agent write actor-controlled content to arbitrary locations outside the i...
CVE-2026-15415 Path traversal and arbitrary file write in the workflow linters of aws-healthomics-mcp-server
AWS HealthOmics is a HIPAA-eligible service that fully manages the compute, storage, and workflow engine infrastructure required to run bioinformatics analyses at scale for clinical diagnostics, drug discovery, and agricultural research. Improper limitation of a pathname to a restricted directory...