CVE-2026-15746 - Credential disclosure in Strands Agents Tools elasticsearch_memory tool
Summary
Strands Agents, a Python SDK for building AI agents, contained a vulnerability (CVE-2026-15746) in its elasticsearch_memory tool where connection settings could be controlled by the LLM (the AI model itself). If an API key wasn't provided, the tool would use the operator's Elasticsearch API key from their environment and send it to any server the LLM directed it to, allowing attackers to steal credentials through a crafted prompt.
Classification
Affected Vendors
Related Issues
Original source: https://aws.amazon.com/security/security-bulletins/rss/2026-056-aws/
First tracked: July 15, 2026 at 08:01 PM
Classified by LLM (prompt v3) · confidence: 92%