A critical security flaw discovered in the Amazon Q Developer Extension for Visual Studio Code (VS Code) left developers vulnerable to arbitrary code execution and cloud credential theft. Tracked as CVE-2026-12957 and CVE-2026-12958, these high-severity vulnerabilities highlight significant risks in how AI coding assistants manage trust boundaries. The root cause of this vulnerability lies in […] The post Amazon Q Developer Vulnerability Allows Code Execution via Malicious Repositories appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/amazon-q-developer-vulnerability/
