CVE-2026-7191
Published: 27 April 2026
Summary
CVE-2026-7191 is a high-severity Code Injection (CWE-94) vulnerability in Amazon's open source qnabot-on-aws solution (the vendor attribution is inferred from references). Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 34.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-7191 is a code injection vulnerability stemming from improper use of the static-eval npm package in the open source qnabot-on-aws solution, affecting versions 7.2.4 and earlier. The flaw enables an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context by injecting a crafted conditional chaining expression through the Content Designer interface. This bypasses the intended expression sandbox via JavaScript prototype manipulation, as classified under CWE-94 (Improper Control of Generation of Code). The vulnerability carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
An attacker requires high-privilege access as an authenticated administrator to exploit this issue over the network with low complexity and no user interaction. Successful exploitation grants arbitrary code execution in the Lambda environment, providing direct access to backend AWS resources not exposed through standard administrative interfaces, including Lambda environment variables, OpenSearch indices, S3 objects, and DynamoDB tables.
AWS security bulletin 2026-020 and the qnabot-on-aws GitHub release for version 7.3.0 recommend upgrading to version 7.3.0 or later to mitigate the vulnerability by addressing the static-eval package misuse and sandbox bypass.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-25921
Vulnerability details
Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may allow an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context by injecting a crafted conditional chaining expression via the Content Designer interface, which bypasses the intended expression sandbox through JavaScript prototype manipulation. This may grant direct access to backend resources (Lambda environment variables, OpenSearch indices, S3 objects, DynamoDB tables) that are not exposed through normal administrative interfaces. We recommend you upgrade to version 7.3.0 or above.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Code injection through the web-based Content Designer interface enables arbitrary JavaScript execution inside AWS Lambda: T1190 for exploitation of the public-facing application, T1059.007 for abuse of the JavaScript interpreter, and T1648 for code execution in a serverless function.
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly mitigates the code injection vulnerability by remediating the improper static-eval package usage through an upgrade to version 7.3.0 or later.
- SI-10 (Information Input Validation): prevents arbitrary code execution by validating and sanitizing crafted conditional chaining expressions injected via the Content Designer interface.
- SI-10 (Information Input Validation): restricts information inputs to the Content Designer to safe formats, blocking JavaScript prototype manipulation attempts that bypass the sandbox.
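As an added illustration of the SI-10 control described above (example code written for this page, not code from the advisory, from static-eval, or from the qnabot-on-aws project), the following pre-check rejects administrator-supplied expressions that use optional chaining, computed member access, or prototype-related property names before they reach any expression evaluator, and resolves validated dotted paths against a variables object using own-property lookups only. The permitted root variable names (`user`, `session`, `answer`) and the expression grammar are assumptions for the example.

```javascript
// Token grammar (assumed for this example): numbers, quoted strings, identifiers,
// and a small operator set. Note that "[" is deliberately absent, so computed
// member access such as x["constructor"] fails to tokenize and is rejected.
const TOKEN_RE = /\s*(?:(\d+(?:\.\d+)?)|("(?:[^"\\]|\\.)*"|'(?:[^'\\]|\\.)*')|([A-Za-z_$][\w$]*)|(\?\.|===|!==|==|!=|<=|>=|&&|\|\||[.?:<>()!]))/y;

// Property names that reach the prototype chain and must never appear in an expression.
const FORBIDDEN_NAMES = new Set([
  "__proto__", "constructor", "prototype",
  "__defineGetter__", "__defineSetter__", "__lookupGetter__", "__lookupSetter__",
]);

// Tokenize the whole input; any unrecognised character makes the result null (unsafe).
function tokenize(src) {
  const tokens = [];
  TOKEN_RE.lastIndex = 0;
  while (TOKEN_RE.lastIndex < src.length) {
    const m = TOKEN_RE.exec(src);
    if (!m) return null;
    if (m[1] !== undefined) tokens.push({ t: "num", v: m[1] });
    else if (m[2] !== undefined) tokens.push({ t: "str", v: m[2] });
    else if (m[3] !== undefined) tokens.push({ t: "id", v: m[3] });
    else tokens.push({ t: "op", v: m[4] });
  }
  return tokens;
}

// Allowlist check: no optional chaining, no prototype-related names, and every
// root identifier (one not preceded by ".") must be a known variable.
function isSafeExpression(src, allowedRoots) {
  const tokens = tokenize(src.trim());
  if (tokens === null || tokens.length === 0) return false;
  for (let i = 0; i < tokens.length; i++) {
    const tok = tokens[i];
    if (tok.t === "op" && tok.v === "?.") return false;
    if (tok.t === "id") {
      if (FORBIDDEN_NAMES.has(tok.v)) return false;
      const afterDot = i > 0 && tokens[i - 1].t === "op" && tokens[i - 1].v === ".";
      if (!afterDot && !allowedRoots.has(tok.v)) return false;
    }
  }
  return true;
}

// Resolve a validated dotted path, reading only own properties of plain objects so
// that inherited members (constructor, __proto__, ...) are never reachable.
function resolvePath(vars, path) {
  let cur = vars;
  for (const key of path.split(".")) {
    if (cur === null || typeof cur !== "object" || !Object.prototype.hasOwnProperty.call(cur, key)) return undefined;
    cur = cur[key];
  }
  return cur;
}
```

Run `isSafeExpression` on every expression at save time in the authoring interface and again in the evaluating function, so a stored expression that slips past one layer is still refused by the other.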