14 matches found
EUVD-2026-21656
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handlin...
CVE-2026-5059
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handlin...
CVE-2026-5058
aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the...
CVE-2026-5059 aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handlin...
CVE-2026-5059
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handlin...
CVE-2026-5058 aws-mcp-server Command Injection Remote Code Execution Vulnerability
aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the...
CVE-2026-5058
aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the...
CVE-2026-5058 aws-mcp-server Command Injection Remote Code Execution Vulnerability
aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the...
CVE-2026-5058
aws-mcp-server is vulnerable to a remote command-injection (CVE-2026-5058) caused by insufficient validation of a user-supplied string before using it in a system call. This allows arbitrary code execution in the MCP server context. The CVSS v3 base score is 9.8 (CRITICAL) with network access, no...
PT-2026-29110
Name of the Vulnerable Software and Affected Versions aws-mcp-server affected versions not specified Description aws-mcp-server is affected by a command injection issue that allows for remote code execution. This issue is related to the AWS CLI. It has been identified as a zero-day. Recommendatio...
CVE-2025-5277
aws-mcp-server MCP server is vulnerable to command injection. An attacker can craft a prompt that once accessed by the MCP client will run arbitrary commands on the host system...
CVE-2025-5277
aws-mcp-server MCP server is vulnerable to command injection. An attacker can craft a prompt that once accessed by the MCP client will run arbitrary commands on the host system...
CVE-2025-5277
CVE-2025-5277 affects the aws-mcp-server MCP server. The vulnerability is a command injection where an attacker can craft a prompt that, when accessed by the MCP client, will cause arbitrary commands to run on the host. The NVD metrics indicate a CRITICAL impact (CVSSv4.0 9.4; CVSSv3.1 9.6) with ...
PT-2025-23083
Name of the Vulnerable Software and Affected Versions: aws-mcp-server affected versions not specified Description: The issue is related to command injection. An attacker can craft a prompt that, once accessed by the MCP client, will run arbitrary commands on the host system. Recommendations: At t...