CVE-2026-15746

Source
https://cve.org/CVERecord?id=CVE-2026-15746
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-15746.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-15746
Aliases
  • GHSA-ppcf-fpr3-x46v
Published
2026-07-15T18:35:47.382Z
Modified
2026-07-17T03:46:01.366633599Z
Severity
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
Credential disclosure in Strands Agents Tools elasticsearch_memory tool
Details

Strands Agents is an open-source Python SDK for building and running AI agents. The strands-agents-tools package provides pre-built tools for use with the SDK, including the elasticsearchmemory tool for agent memory storage. We identified CVE-2026-15746, a server-side request forgery (SSRF) issue in the elasticsearchmemory tool. The tool exposed its connection parameters (esurl, cloudid, apikey) as fields the large language model (LLM) could control through the tool schema. When a caller omitted the apikey parameter, the tool fell back to the operator's ELASTICSEARCHAPIKEY environment variable and sent it to whichever host the LLM specified. A crafted prompt could cause the tool to connect to a threat-actor-controlled server and disclose the operator's Elasticsearch API key in the Authorization header.

We recommend you upgrade to strands-agents-tools version 0.7.0 or later. As a precautionary measure, we recommend all operators rotate their ELASTICSEARCHAPIKEY, even if there is no indication the credential was exposed.

Database specific
{
    "cwe_ids": [
        "CWE-918"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/15xxx/CVE-2026-15746.json",
    "cna_assigner": "AMZN"
}
References

Affected packages

Git / github.com/strands-agents/tools

Affected ranges

Type
GIT
Repo
https://github.com/strands-agents/tools
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.7.0"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

v0.*
v0.1.0
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v0.2.0
v0.2.1
v0.2.10
v0.2.11
v0.2.12
v0.2.13
v0.2.14
v0.2.15
v0.2.16
v0.2.17
v0.2.18
v0.2.19
v0.2.2
v0.2.20
v0.2.21
v0.2.22
v0.2.23
v0.2.3
v0.2.4
v0.2.5
v0.2.6
v0.2.7
v0.2.8
v0.2.9
v0.3.0
v0.4.0
v0.4.1
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.6.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-15746.json"