PyPI package
awslabs.aws-api-mcp-server
pkg:pypi/awslabs.aws-api-mcp-server
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-4270 | Med | 5.5 | >= 0.2.14, < 1.3.9 | 1.3.9 | Mar 16, 2026 | Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client applicat |
- affected >= 0.2.14, < 1.3.9fixed 1.3.9
Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client applicat