CVE-2026-12957
Arbitrary Code Execution in Language Servers for AWS
Description
Improper trust boundary enforcement in Language Servers for AWS before version 1.65.0 on all supported platforms may allow for arbitrary code execution. If a local user opens a maliciously crafted workspace, any commands within the project configuration files may be automatically executed. This issue requires the user to trust the workspace when prompted. To remediate this issue, users should upgrade to Language Servers for AWS version 1.65.0 or higher.
In plain language
Language Servers for AWS before version 1.65.0 can run harmful commands on your computer if you open a malicious project workspace and then trust it when prompted; most small businesses should patch, but this isn’t a common “drive-by” attack.
In Language Servers for AWS versions before 1.65.0, a trust-boundary failure lets arbitrary code execution trigger from malicious project configuration files after a user opens a crafted workspace and accepts/“trusts” it when prompted (no authentication required).
What to do now
- Check which version of Language Servers for AWS you’re using in your editor/IDE extensions.
- If it is earlier than 1.65.0, plan an update.
- Update Language Servers for AWS to version 1.65.0 or later.
- If you received a “trust this workspace” prompt from an unknown project, avoid trusting it and delete the workspace from your machine.
CVSS Vector Breakdown
- AV:L (Attack Vector)
- AC:L (Attack Complexity)
- PR:N (Privileges Required)
- UI:R (User Interaction)
- S:U (Scope)
- C:H (Confidentiality)
- I:H (Integrity)
- A:H (Availability)
Weaknesses
Affected Products
Exploitability
MITRE ATT&CK
1 technique
References
- ⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More (The Hacker News)
- Amazon Q VS Extension Flaw Leads to Cloud Credential Theft (Dark Reading)
- Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories (SecurityWeek)
- Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs (The Hacker News)