GHSA-2cpp-j2fc-qhp7: AWS API MCP File Access Restriction Bypass
mediumvulnerability
security
Summary
The AWS API MCP Server (a tool that lets AI assistants interact with AWS services) has a vulnerability in versions 0.2.14 through 1.3.8 where attackers can bypass file access restrictions and read files they shouldn't be able to access, even when the server is configured to block file operations or limit them to a specific directory.
Solution / Mitigation
Upgrade to version 1.3.9 or later.
Vulnerability Details
EPSS (30-day exploit probability)
EPSS: 0.0%
Patch Available
Yes
Disclosure Date
March 17, 2026
Classification
Attack Type
Other
Attack SophisticationModerate
Impact (CIA+S)
confidentialityintegrity
Affected Vendors
Affected Packages
awslabs.aws-api-mcp-server@>= 0.2.14, < 1.3.9 (fixed: 1.3.9)
Related Issues
Monthly digest — independent AI security research
Original source: https://github.com/advisories/GHSA-2cpp-j2fc-qhp7
First tracked: March 17, 2026 at 04:55 PM
Classified by LLM (prompt v3) · confidence: 92%