Vulnerability  ·  2026-07-17

AWS Bedrock AgentCore Python SDK — OpenTelemetry Instrumentation Logs Sensitive User Content

VulnerabilityMedium impactGlobalCVE-2026-15737
AWS disclosed that its open-source Bedrock AgentCore Python SDK's tracing instrumentation logged sensitive user content by default in versions 1.4.8 and others, rather than redacting it before emission to telemetry pipelines.
Observability tooling for AI agents that inadvertently captures full user prompts/PII in trace logs creates a data-leakage risk across any downstream logging/monitoring infrastructure, a common but underappreciated blast radius for agent telemetry.
The SDK's OpenTelemetry instrumentation unintentionally logged sensitive user content (e.g., full prompts/agent inputs) into telemetry/trace data, which could be retained or forwarded to observability backends without redaction.
AWS Bedrock AgentCore Python SDK 1.4.8 and other affected versions
Apply the fix per AWS Security Bulletin 2026-058; review and purge any telemetry backends that may have captured sensitive content.
AWS Security Bulletin 2026-058
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →