PatchSiren cyber security CVE debrief
CVE-2026-15737 AWS CVE debrief
The AWS Bedrock AgentCore Python SDK, an open-source library for building AI agents on Amazon Bedrock AgentCore, had a vulnerability in versions 1.4.8 and 1.5.0. The OpenTelemetry instrumentation unintentionally logged sensitive user content, including raw user prompts and complete agent responses, without filtering or masking. These logs were written to span attributes and flowed into the customer's aws/spans CloudWatch log group. This exposure could allow a local authenticated user with access to CloudWatch Logs to access sensitive data.
- Vendor
- AWS
- Product
- bedrock-agentcore
- CVSS
- MEDIUM 5.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-16
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-16
- Advisory updated
- 2026-07-16
Who should care
Users of AWS Bedrock AgentCore Python SDK versions 1.4.8 and 1.5.0 should be concerned as their sensitive data may have been exposed in CloudWatch Logs. System administrators and security teams responsible for monitoring and managing access to CloudWatch Logs are particularly affected.
Technical summary
The AWS Bedrock AgentCore Python SDK versions 1.4.8 and 1.5.0 had a vulnerability where OpenTelemetry instrumentation logged sensitive user content, including raw user prompts and agent responses, without proper filtering or masking. This sensitive data was written to span attributes and stored in the aws/spans CloudWatch log group, potentially exposing it to local authenticated users with access to these logs.
Defensive priority
Medium priority due to the potential for sensitive data exposure to local authenticated users with access to CloudWatch Logs.
Recommended defensive actions
- Upgrade to version 1.5.1 or later of the AWS Bedrock AgentCore Python SDK.
- Review and purge sensitive content from aws/spans CloudWatch log groups for users who ran affected versions.
- Monitor CloudWatch Logs for sensitive content exposure.
- Restrict access to CloudWatch Logs to only necessary personnel.
- Implement additional logging and monitoring to detect potential misuse.
Evidence notes
The CVE record and NVD detail provide information on the vulnerability. The AWS security bulletin and GitHub advisory offer additional context and mitigation strategies. The PyPI page for version 1.5.1 confirms the fix.
Official resources
-
CVE-2026-15737 CVE record
CVE.org
-
CVE-2026-15737 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
ff89ba41-3aa1-4d27-914a-91399e9639e5
-
Source reference
ff89ba41-3aa1-4d27-914a-91399e9639e5
-
Source reference
ff89ba41-3aa1-4d27-914a-91399e9639e5
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-16T18:16:42.537Z and has not been modified since then. The NVD entry is currently Received.