Amazon Q’s MCP Flaw Is an Industry Warning: AI Tools Still Lack Workspace Trust Standards
CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a shared design failure, not just a single vendor mistake.