CVE-2026-15643 - AWS HealthLake MCP Server SSRF via Unvalidated Pagination URL
Summary
AWS HealthLake MCP Server (a tool that lets AI assistants access AWS health data) before version 0.0.14 has a security flaw where it doesn't check that pagination URLs (links used to load more results) point to the legitimate server. An authenticated attacker can exploit this by sending a crafted next_token parameter (a special value that tells the server what data to load next) to redirect requests to their own server and steal temporary AWS credentials (temporary access keys that grant permissions).
Solution / Mitigation
Update AWS HealthLake MCP Server to version 0.0.14 or later.
Classification
Affected Vendors
Related Issues
Original source: https://aws.amazon.com/security/security-bulletins/rss/2026-054-aws/
First tracked: July 14, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 92%