Vulnerabilities3 min read
Amazon Q Developer Flaw Let Attackers Steal AWS Credentials via Repos
CVE-2026-12957 and CVE-2026-12958 enabled code execution and AWS credential theft when developers opened malicious repositories. Patch auto-applied for most users.
Marcus ChenJun 28, 2026