{"data":{"id":"0803d713-0b41-43f5-bea7-0b25923d515b","title":"MCP Auto-Execution: From Git Clone to Cloud Compromise in Amazon Q VS Code Extension","summary":"Amazon Q, an AI coding assistant for VS Code, had a high-severity vulnerability (CVE-2026-12957) that let attackers execute arbitrary code and steal cloud credentials just by having a developer open a malicious repository. The problem was that Amazon Q automatically loaded and ran MCP server configurations (local processes that extend an AI assistant's capabilities) from workspace files without asking the user for permission or checking if the folder was trusted. Since these processes inherited the developer's full environment, attackers could access sensitive credentials like AWS keys and API tokens.","solution":"Amazon has remediated this issue in language server version 1.65.0.","labels":["security"],"sourceUrl":"https://www.wiz.io/blog/amazon-q-vulnerability","publishedAt":"2026-06-26T12:00:01.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["Amazon"],"affectedVendorsRaw":["Amazon Q","Amazon Web Services","AWS"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-26T12:00:01.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}