CVE-2026-12530

Summary

Improper neutralization of argument delimiters in the install_packages() method in AWS Bedrock AgentCore Python SDK versions >= 1.1.3 and < 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name arguments.

To mitigate this issue, users should upgrade to version 1.6.1.

Affected Software

VendorProductVersion RangeStatus
AWSbedrock-agentcore1.1.3 < 1.6.1affected

Weaknesses

  • CWE-88: CWE-88 Improper neutralization of argument delimiters in a command ('argument injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References