Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs

The Hacker News · June 26, 2026

AI summary

A high-severity flaw in Amazon Q Developer allowed a malicious repository to execute commands and steal cloud credentials. The attack worked when a developer opened the repository and trusted the workspace, after which Amazon Q automatically handled the rest. The vulnerability was related to how Amazon's AI coding assistant handled Model Context Protocol (MCP) servers. The flaw, discovered by Wiz, is tracked as CVE-2026-12957 with a CVSS score of 8.5. Amazon has issued a patch that prevents malicious repositories from running code via MCP configurations.

Read the full article at The Hacker News: thehackernews.com/2026/06/amazon-q-developer-flaw-could-let.html

This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.