LOWVulnerability
Global

CVE-2026-13769 – Insecure file permissions in AWS CLI

·Source: AWS Security Bulletins

Updated:

Executive Summary

Bulletin ID: 2026-049-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/01/2026 11:45 AM PDT Description: The AWS Command Line Interface (AWS CLI) is a unified tool for managing AWS services from the command line. We identified CVE-2026-13769 in AWS CLI on Unix-like systems where the umask has not been c

Analysis

Bulletin ID: 2026-049-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/01/2026 11:45 AM PDT Description: The AWS Command Line Interface (AWS CLI) is a unified tool for managing AWS services from the command line. We identified CVE-2026-13769 in AWS CLI on Unix-like systems where the umask has not been configured to restrict file permissions (the default on most systems) wrote credential and configuration files with world-readable permissions, which allows other local users on the same host to read credentials. Impacted versions: Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.

Indicators of Compromise (1)

CVE (1)
CVE-2026-13769
Source Attribution

Originally published by AWS Security Bulletins on Jul 1, 2026.

Related Threats