Cyber Resilience

CVE-2026-7191

High · RCE

Published: 27 April 2026
Modified: 28 April 2026
KEV Added: not listed
Patch: upgrade to 7.3.0 or later
CVSS Score (v4.0): 8.6 · Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0043 (34.7th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-7191 is a high-severity Code Injection (CWE-94) vulnerability in Amazon's qnabot-on-aws solution (the vendor is inferred from references). Its CVSS v4.0 base score is 8.6 (High); the CVSS v3.1 base score is 7.2.

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 34.7th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-7191 is a code injection vulnerability stemming from improper use of the static-eval npm package in the open source qnabot-on-aws solution, affecting versions 7.2.4 and earlier. The flaw enables an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context by injecting a crafted conditional chaining expression through the Content Designer interface. This bypasses the intended expression sandbox via JavaScript prototype manipulation, as classified under CWE-94 (Improper Control of Generation of Code). The vulnerability carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

An attacker requires high-privilege access as an authenticated administrator to exploit this issue over the network with low complexity and no user interaction. Successful exploitation grants arbitrary code execution in the Lambda environment, providing direct access to backend AWS resources not exposed through standard administrative interfaces, including Lambda environment variables, OpenSearch indices, S3 objects, and DynamoDB tables.

AWS security bulletin 2026-020 and the qnabot-on-aws GitHub release for version 7.3.0 recommend upgrading to version 7.3.0 or later to mitigate the vulnerability by addressing the static-eval package misuse and sandbox bypass.
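Defensive illustration of the input-validation mitigation (SI-10) for this class of bug, as an added example that is not code from qnabot-on-aws or AWS: an allowlist gate applied to administrator-supplied conditional expressions before they reach an evaluator such as static-eval. Only identifiers, dotted member access, string and number literals, comparison and logical operators and grouping parentheses pass; optional chaining, bracket access, function calls, assignment and prototype-related property names are refused. The grammar, the names `tokenize`, `checkExpression`, `FORBIDDEN_NAMES` and `SAMPLE_RESULTS`, and the sample expressions are assumptions made for this example.

```javascript
// Added example (hypothetical; not from qnabot-on-aws): allowlist gate for
// admin-supplied conditional expressions, run before any evaluator such as
// static-eval sees them. Prototype-related property names are refused even
// when written in plain dotted form.
const FORBIDDEN_NAMES = new Set(["__proto__", "prototype", "constructor"]);

// Sticky (`y`) regex: each call must match exactly at lastIndex, so any text
// outside the grammar (e.g. `?.`, `[`, `=`) stops the scan instead of being skipped.
const TOKEN_RE =
  /\s*(?:(\d+(?:\.\d+)?)|([A-Za-z_$][\w$]*)|("(?:[^"\\]|\\.)*"|'(?:[^'\\]|\\.)*')|(===|!==|==|!=|<=|>=|&&|\|\||[<>!.()]))/y;

// Returns an array of {type, value} tokens, or null if the input leaves the grammar.
function tokenize(src) {
  const text = src.trim();
  const tokens = [];
  let pos = 0;
  while (pos < text.length) {
    TOKEN_RE.lastIndex = pos;
    const m = TOKEN_RE.exec(text);
    if (m === null) return null;
    if (m[1] !== undefined) tokens.push({ type: "number", value: m[1] });
    else if (m[2] !== undefined) tokens.push({ type: "ident", value: m[2] });
    else if (m[3] !== undefined) tokens.push({ type: "string", value: m[3] });
    else tokens.push({ type: "op", value: m[4] });
    pos = TOKEN_RE.lastIndex;
  }
  return tokens;
}

// Accept or refuse one expression; `reason` is meant for the audit log.
function checkExpression(src) {
  const tokens = tokenize(src);
  if (tokens === null) return { ok: false, reason: "unsupported syntax" };
  for (let i = 0; i < tokens.length; i++) {
    const t = tokens[i];
    const prev = tokens[i - 1];
    if (t.type === "ident" && FORBIDDEN_NAMES.has(t.value)) {
      return { ok: false, reason: "forbidden property name: " + t.value };
    }
    // `(` directly after an identifier or `)` is a call, not grouping.
    if (t.type === "op" && t.value === "(" && prev &&
        (prev.type === "ident" || (prev.type === "op" && prev.value === ")"))) {
      return { ok: false, reason: "function call" };
    }
  }
  return { ok: true, reason: "" };
}

// Constructed sample: a benign condition and one using optional chaining.
const SAMPLE_RESULTS = ["a.b == 'x' && c > 1", "a?.b"].map(checkExpression);
```

A token-level gate like this is defense in depth only; the fix the bulletin recommends is upgrading to 7.3.0 or later, which removes the static-eval misuse itself.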

Vulnerability details

Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may allow an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context by injecting a crafted conditional chaining expression via the Content Designer interface, which bypasses the intended expression sandbox through JavaScript prototype manipulation. This may grant direct access to backend resources (Lambda environment variables, OpenSearch indices, S3 objects, DynamoDB tables) that are not exposed through normal administrative interfaces. We recommend you upgrade to version 7.3.0 or above.

CWE(s)

CWE-94 Improper Control of Generation of Code (Code Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.007 JavaScript (Execution): Adversaries may abuse various implementations of JavaScript for execution.
T1648 Serverless Execution (Execution): Adversaries may abuse serverless computing, integration, and automation services to execute arbitrary code in cloud environments.
Why these techniques?

Code injection via web interface enables arbitrary JS execution in AWS Lambda (T1190 for app exploitation, T1059.007 for JavaScript interpreter abuse, T1648 for serverless function code execution).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-26260 (shared CWE-94)
CVE-2026-26954 (shared CWE-94)
CVE-2026-41507 (shared CWE-94)
CVE-2025-12735 (shared CWE-94)
CVE-2026-25887 (shared CWE-94)
CVE-2026-33881 (shared CWE-94)
CVE-2026-25141 (shared CWE-94)
CVE-2025-23061 (shared CWE-94)
CVE-2026-33943 (shared CWE-94)
CVE-2026-4800 (shared CWE-94)

Affected Assets

Amazon qnabot-on-aws, versions 7.2.4 and earlier (vendor inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5) (AI)

prevent · SI-2 (Flaw Remediation): Directly mitigates the code injection vulnerability by remediating the improper static-eval package usage through upgrades to version 7.3.0 or later.

prevent · SI-10 (Information Input Validation): Prevents arbitrary code execution by validating and sanitizing crafted conditional chaining expressions injected via the Content Designer interface.

prevent: Restricts information inputs to the Content Designer to safe formats, blocking JavaScript prototype manipulation attempts that bypass the sandbox.
