CVE-2026-4269 - Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit
highvulnerability
security
Source: AWS Security BulletinsMarch 16, 2026
Summary
The Bedrock AgentCore Starter Toolkit (a tool for building AI agents on AWS) before version v0.1.13 has a vulnerability where it doesn't properly verify S3 ownership (S3 is AWS's cloud storage service). This missing check could allow an attacker to inject malicious code during the build process (when the software is being compiled), potentially leading to code execution in the running application. The vulnerability only affects users who built the toolkit after September 24, 2025.
Solution / Mitigation
Update to Bedrock AgentCore Starter Toolkit version v0.1.13 or later.
Classification
Attack Type
Supply Chain
Attack SophisticationModerate
Impact (CIA+S)
integrityavailability
Affected Vendors
Amazon
Related Issues
Original source: https://aws.amazon.com/security/security-bulletins/rss/2026-008-aws/
First tracked: March 16, 2026 at 04:00 PM
Classified by LLM (prompt v3) · confidence: 92%