VYPR

AWS API Mcp Server

by Amazon

CVEs (1)

  • CVE-2026-4270MedMar 16, 2026
    risk 0.36cvss 5.5epss 0.00

    Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client…