CVE-2026-13769 – Insecure file permissions in AWS CLI
Bulletin ID: 2026-049-AWS
Scope: AWS
Content Type: Important (requires attention)
Publication Date: 07/01/2026 11:45 AM PDT
Description:
The AWS Command Line Interface (AWS CLI) is a unified tool for managing AWS services from the command line. We identified CVE-2026-13769 in AWS CLI on Unix-like systems where the umask has not been configured to restrict file permissions (the default on most systems) wrote credential and configuration files with world-readable permissions, which allows other local users on the same host to read credentials.
Impacted versions: <=1.44.77 (v1) AND <=2.34.28 (v2)
Resolution:
This issue has been addressed in AWS CLI v1 1.44.78 and AWS CLI v2 2.34.29. We recommend upgrading to the latest version and ensuring any forked or derivative code is patched to incorporate the new fixes.
References:
Please email aws-security@amazon.com with any security questions or concerns.