AWS Mcp Server

Source repositories

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-5058	Alexei Led AWS Mcp Server	Cri	0.64	9.8	0.02		Apr 11, 2026	aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within…
CVE-2025-5277	Alexei Led AWS Mcp Server	Cri	0.55	9.6	0.01		May 28, 2025	aws-mcp-server MCP server is vulnerable to command injection. An attacker can craft a prompt that once accessed by the MCP client will run arbitrary commands on the host system.

CVE-2026-5058CriApr 11, 2026
Alexei Led
AWS Mcp Server
risk 0.64cvss 9.8epss 0.02
aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within…
CVE-2025-5277CriMay 28, 2025
Alexei Led
AWS Mcp Server
risk 0.55cvss 9.6epss 0.01
aws-mcp-server MCP server is vulnerable to command injection. An attacker can craft a prompt that once accessed by the MCP client will run arbitrary commands on the host system.