VYPR

PyPI package

awslabs.aws-api-mcp-server

pkg:pypi/awslabs.aws-api-mcp-server

Vulnerabilities (1)

  • CVE-2026-4270MedMar 16, 2026
    affected >= 0.2.14, < 1.3.9fixed 1.3.9

    Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client applicat