Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2026/03/17 8:34 p.m.7 views

Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit

Summary An issue has been identified in the Bedrock AgentCore Starter Toolkit versions prior to v0.1.13 that may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime. Impact A remote actor could inject code during the build process,...

7.5CVSS6.2AI score0.00242EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/16 6:3 p.m.9 views

CVE-2026-4269 Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit

A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime. This issue only affects users of the Bedrock AgentCore Starter Toolkit before...

5.8CVSS6.5AI score0.00242EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/16 6:3 p.m.3 views

CVE-2026-4269 Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit

A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime. This issue only affects users of the Bedrock AgentCore Starter Toolkit before...

7.5CVSS6.3AI score0.00242EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/16 6:3 p.m.5 views

CVE-2026-4269

A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime. This issue only affects users of the Bedrock AgentCore Starter Toolkit before...

7.5CVSS6.3AI score0.00242EPSS
Exploits0References3
CVE
CVE
added 2026/03/16 6:3 p.m.22 views

CVE-2026-4269

CVE-2026-4269 : The Bedrock AgentCore Starter Toolkit (pre-v0.1.13) suffers from missing S3 ownership verification during the build process, enabling a remote attacker to inject code and execute it in the AgentCore Runtime when a toolkit is built after 2025-09-24. Affected: users on pre-0.1.13 bu...

7.5CVSS6.3AI score0.00242EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder