Incorrect permission assignment for critical resource in aws-cli - CVE-2026-13769
Published: July 3, 2026
aws-cli
Detailed vulnerability description
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to incorrect permission assignment for critical resource in credential and configuration files written by the aws codeartifact login, aws iam create-virtual-mfa-device, and aws deploy register subcommands when creating files on Unix-like systems with a default umask. A local user can read world-readable files to disclose sensitive information.
Only Unix-like systems with a default umask are affected.