Cyber Resilience

CVE-2026-12530

High

Published: 17 June 2026

Published
17 June 2026
Modified
22 June 2026
KEV Added
Patch
CVSS Score v4 8.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0030 21.9th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-12530 is a high-severity Argument Injection (CWE-88) vulnerability. Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Python (T1059.006); ranked at the 21.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Improper neutralization of argument delimiters in the install_packages() method in AWS Bedrock AgentCore Python SDK versions >= 1.1.3 and < 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name…

more

arguments. To mitigate this issue, users should upgrade to version 1.6.1.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1059.006 Python Execution
Adversaries may abuse Python commands and scripts for execution.
Why these techniques?

CWE-88 argument injection in Python SDK method directly enables arbitrary command execution via the Python interpreter in the sandbox.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

Affected Assets

Bedrock AgentCore Python SDK
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References