Skip to main content

Awslabs Healthlake Mcp Server

1 CVEs product

Monthly

CVE-2026-15643 CRITICAL PATCH Act Now

Server-side request forgery in AWS awslabs.healthlake-mcp-server before 0.0.14 lets a remote authenticated user exfiltrate AWS temporary security credentials to an attacker-controlled endpoint by supplying a crafted next_token pagination parameter. Because the server never validates that paginated request URLs still point at the legitimate HealthLake FHIR datastore, subsequent authenticated calls (carrying SigV4/temporary credentials) can be redirected off-host. Rated CVSS 4.0 9.2 (critical); no public exploit identified at time of analysis and not listed in CISA KEV.

SSRF Awslabs Healthlake Mcp Server
NVD
CVSS 4.0
9.2
EPSS
0.2%
EPSS 0% CVSS 9.2
CRITICAL PATCH Act Now

Server-side request forgery in AWS awslabs.healthlake-mcp-server before 0.0.14 lets a remote authenticated user exfiltrate AWS temporary security credentials to an attacker-controlled endpoint by supplying a crafted next_token pagination parameter. Because the server never validates that paginated request URLs still point at the legitimate HealthLake FHIR datastore, subsequent authenticated calls (carrying SigV4/temporary credentials) can be redirected off-host. Rated CVSS 4.0 9.2 (critical); no public exploit identified at time of analysis and not listed in CISA KEV.

SSRF Awslabs Healthlake Mcp Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy