CyberRota
← Ana sayfaya dön

CVE-2026-12530

HIGH · CVSS 7.3 EPSS %0.30

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-17T22:16:20.740 · Çekilme zamanı: 2026-06-30T12:25:58.334722+00:00

CyberRota Yorumu

Saldırganın giriş yapmış olması gerekebilir. Uzaktan istismar edilebilir olabilir.

CVE
CVE-2026-12530
Severity
HIGH
CVSS
7.3
EPSS
%0.30

Orijinal NVD Açıklaması

Improper neutralization of argument delimiters in the install_packages() method in AWS Bedrock AgentCore Python SDK versions >= 1.1.3 and < 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name arguments. To mitigate this issue, users should upgrade to version 1.6.1.