CVE-2026-15643 - AWS HealthLake MCP Server SSRF via Unvalidated Pagination URL
🔗 CVE IDs covered (1)
📋 Description
Bulletin ID: 2026-054-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/14/2026 13:00 PM PDT
Description:
AWS HealthLake MCP Server (awslabs.healthlake-mcp-server) is a Model Context Protocol server that enables AI assistants to interact with AWS HealthLake FHIR datastores. We identified CVE-2026-15643, a server-side request forgery in the pagination handling component in AWS awslabs.healthlake-mcp-server before 0.0.14 on all platforms might allow a remote authenticated user to exfiltrate AWS temporary security credentials to an arbitrary endpoint via a crafted next_token parameter. The server does not validate that pagination URLs point back to the expected HealthLake endpoint, allowing an actor to redirect subsequent requests to an actor-controlled server.
Impacted versions:
Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.