Skip to main content

Awslabs Healthlake Mcp Server EUVDEUVD-2026-44455

| CVE-2026-15643 CRITICAL
Server-Side Request Forgery (SSRF) (CWE-918)
2026-07-14 AMZN
9.2
CVSS 4.0 · Vendor: AMZN
Share

Severity by source

Vendor (AMZN) PRIMARY
9.2 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (AMZN) · only source for this CVE.

CVSS VectorVendor: AMZN

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
A
Scope
X

Lifecycle Timeline

3
Patch available
Jul 14, 2026 - 23:20 EUVD
Analysis Generated
Jul 14, 2026 - 21:24 vuln.today
CVE Published
Jul 14, 2026 - 20:03 cve.org
CRITICAL 9.2

DescriptionCVE.org

AWS HealthLake MCP Server (awslabs.healthlake-mcp-server) is a Model Context Protocol server that enables AI assistants to interact with AWS HealthLake FHIR datastores. A server-side request forgery in the pagination handling component in AWS awslabs.healthlake-mcp-server before 0.0.14 on all platforms might allow a remote authenticated user to exfiltrate AWS temporary security credentials to an arbitrary endpoint via a crafted next_token parameter. The server does not validate that pagination URLs point back to the expected HealthLake endpoint, allowing an actor to redirect subsequent requests to an actor-controlled server.

Its recommended to upgrade to version 0.0.14 or later.

AnalysisAI

Server-side request forgery in AWS awslabs.healthlake-mcp-server before 0.0.14 lets a remote authenticated user exfiltrate AWS temporary security credentials to an attacker-controlled endpoint by supplying a crafted next_token pagination parameter. Because the server never validates that paginated request URLs still point at the legitimate HealthLake FHIR datastore, subsequent authenticated calls (carrying SigV4/temporary credentials) can be redirected off-host. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Recommended ActionAI

Within 24 hours, inventory all systems running awslabs.healthlake-mcp-server prior to version 0.0.14 and disable or isolate the service. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-44455 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy