CVE-2026-4270

MEDIUM

AWS API MCP Server 0.2.14-1.3.8 - File Access Restriction Bypass

Title source: manual

Description

Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client application context. To remediate this issue, users should upgrade to version 1.3.9.

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory

https://aws.amazon.com/security/security-bulletins/2026-007-AWS/

Patch patch

https://pypi.org/project/awslabs.aws-api-mcp-server/1.3.9/

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 5.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-424

Status published

Products (3)

amazon/aws_api_mcp_server 0.2.14 - 1.3.9

AWS/AWS API MCP Server 0.2.14 - 1.3.9

pypi/awslabs.aws-api-mcp-server 0.2.14 - 1.3.9PyPI

Published Mar 16, 2026

Tracked Since Mar 16, 2026