PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-15415 AWS CVE debrief

AWS HealthOmics is a HIPAA-eligible service managing infrastructure for bioinformatics analyses. A path traversal issue in the linting tools of the AWS HealthOmics MCP Server before version 0.0.36 might allow an actor to write content to arbitrary locations outside the intended workflow bundle directory. This issue has a CVSS score of 6.8 and a severity of MEDIUM. The vulnerability is caused by improper limitation of a pathname to a restricted directory in the linting tools. Users of AWS HealthOmics MCP Server before version 0.0.36 should be aware of this path traversal vulnerability and take necessary precautions.

Vendor
AWS
Product
aws-healthomics-mcp-server
CVSS
MEDIUM 6.8
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-17
Original CVE updated
2026-07-17
Advisory published
2026-07-17
Advisory updated
2026-07-17

Who should care

Users of AWS HealthOmics MCP Server before version 0.0.36 should be aware of this path traversal vulnerability and take necessary precautions. This includes reviewing and monitoring workflow_files input for suspicious activity and implementing compensating controls to restrict write access to sensitive directories. Additionally, users should upgrade to version 0.0.36 or later of the AWS HealthOmics MCP Server.

Technical summary

The AWS HealthOmics MCP Server has a path traversal vulnerability in its linting tools before version 0.0.36. This issue might allow an actor who can influence the MCP agent to write actor-controlled content to arbitrary locations outside the intended workflow bundle directory via directory traversal sequences in the workflow_files input. The vulnerability has a CVSS score of 6.8 and a severity of MEDIUM. The issue is caused by improper limitation of a pathname to a restricted directory in the linting tools.

Defensive priority

Medium priority due to the potential for arbitrary content writing.

Recommended defensive actions

  • Upgrade to version 0.0.36 or later of the AWS HealthOmics MCP Server
  • Review and monitor workflow_files input for suspicious activity
  • Implement compensating controls to restrict write access to sensitive directories
  • Review the official advisory for more information
  • Verify the affected scope and severity with the official advisory
  • Track exceptions and retest remediated assets

Evidence notes

The CVE record was published on 2026-07-17T20:17:15.923Z and has not been modified since then. The NVD entry is currently 6.8 MEDIUM. There is limited information available about the vulnerability, and defenders should verify the affected scope and severity with the official advisory. The AWS HealthOmics MCP Server before version 0.0.36 has a path traversal vulnerability in its linting tools, which might allow an actor to write content to arbitrary locations outside the intended workflow bundle directory. Users should review the official advisory for more information and upgrade to version 0.0.36 or later.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-17T20:17:15.923Z and has not been modified since then.