logo

Amazon Q flaw let booby-trapped Git repos execute code, swipe cloud creds

ID: b0f3f4f3-00ac-5839-b7d3-fef2fe1a74f7

STIX ID: report--b0f3f4f3-00ac-5839-b7d3-fef2fe1a74f7

Feed Name: The Register (Security)

Threat Score
72/100

Date Published: 2026-06-26

Date Updated: 2026-06-26

...
...

Amazon Q contained a high-severity vulnerability (CVE-2026-12957, CVSS 8.5) where the extension automatically loaded and executed workspace MCP configuration files (.amazonq/mcp.json) without user consent or workspace trust, enabling arbitrary command execution that could inherit developer environment credentials (including AWS keys). Wiz demonstrated a proof-of-concept repository that used this mechanism to perform actions with the developer's AWS credentials; Amazon remediated the issue in language server version 1.65.0.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.