Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded yesterday4 views

EUVD-2026-35187

Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local environment of anothe...

9CVSS6.3AI score
Exploits0References5
ATTACKERKB
ATTACKERKBadded yesterday2 views

CVE-2026-11393

Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local environment of anothe...

9CVSS6.3AI score
Exploits0References6Affected Software1
Vulnrichment
Vulnrichmentadded yesterday3 views

CVE-2026-11393 Code injection via improper triple-quote escaping in AgentCore CLI Bedrock Agent import

Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local environment of anothe...

9CVSS6.3AI score
Exploits0References5
CVE
CVEadded yesterday6 views

CVE-2026-11393

Affected software: AgentCore CLI (v0.14.2 fix). Vulnerable path: Python code generation in AgentCore CLI before v0.14.2. Root cause: improper neutralization of triple-quote characters during code generation, enabling an authenticated remote actor to run arbitrary code. Impact: potential execution...

9CVSS6.3AI score
Exploits0References5
Cvelist
Cvelistadded yesterday8 views

CVE-2026-11393 Code injection via improper triple-quote escaping in AgentCore CLI Bedrock Agent import

Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local environment of anothe...

9CVSS
Exploits0References5
Positive Technologies
Positive Technologiesadded yesterday4 views

PT-2026-47432

Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local environment of anothe...

9CVSS6.3AI score
Exploits0References6
Snyk
Snykadded 2026/04/08 12:18 a.m.3 views

Uncaught Exception

Overview Affected versions of this package are vulnerable to Uncaught Exception via the eventstream decoder process. An attacker can cause the host process to terminate unexpectedly by sending a crafted EventStream response frame containing a header value type byte outside the valid range...

8.2CVSS5.4AI score
Exploits0References2
Hacker One
Hacker Oneadded 2024/10/23 6:23 p.m.4 views

AWS VDP: Non-Production API Endpoints for the bedrock-agent Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration

The non-production API endpoints for the bedrock-agent service failed to log to CloudTrail, resulting in silent permission enumeration. A total of 26 non-production endpoints were found that could be used with standard IAM credentials without generating CloudTrail logs. This vulnerability was...

7.1AI score
Exploits0
Rows per page
Query Builder