
Kiro IDE CVE-2026-4295

EUVD-2026-12638 · HIGH
Inclusion of Functionality from Untrusted Control Sphere (CWE-829)
Published 2026-03-17 · CNA: AMZN
CVSS 3.1 base score 7.8 (NVD)

Severity by source

NVD (primary): 7.8 HIGH
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD; NVD is the only scoring source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector:        Local
Attack Complexity:    Low
Privileges Required:  None
User Interaction:     Required
Scope:                Unchanged
Confidentiality:      High
Integrity:            High
Availability:         High

Lifecycle Timeline (6 events)

Apr 16, 2026 06:21  Analysis Updated      source: EUVD-patch-fix       (executive_summary)
Apr 16, 2026 05:29  Re-analysis Queued    source: backfill_euvd_patch  (patch_released)
Apr 16, 2026 05:29  Patch available       source: EUVD                 (version 0.8.0)
Mar 17, 2026 20:30  EUVD ID Assigned      source: euvd                 (EUVD-2026-12638)
Mar 17, 2026 20:30  Analysis Generated    source: vuln.today
Mar 17, 2026 19:11  CVE Published         source: nvd                  (HIGH 7.8)

Description (CVE.org)

Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted project directory files that bypass workspace trust protections when a local user opens the directory.

To remediate this issue, users should upgrade to version 0.8.0 or higher.

Analysis (AI-generated)

A trust boundary enforcement vulnerability in Kiro IDE allows remote attackers to execute arbitrary code when a local user opens a maliciously crafted project directory. The vulnerability affects all versions of Kiro IDE prior to 0.8.0 on all supported platforms and bypasses workspace trust protections designed to prevent unauthorized code execution. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata:

Access:     Craft malicious project directory files
Exploit:    User opens directory in Kiro IDE
Execution:  Bypass workspace trust boundary
Impact:     Execute arbitrary code with user privileges

Vulnerability Assessment (AI-generated)

Exploitation: A local user must open a maliciously crafted project directory in a Kiro IDE version before 0.8.0. …

Risk Assessment: The CVSS 7.8 score reflects high severity because a successful exploit yields full compromise of the user's context (C:H/I:H/A:H), but real-world risk is moderated by the need for local access (AV:L) and user interaction (UI:R). …

Exploit Scenario: An attacker creates a malicious project directory containing specially crafted configuration or script files that exploit the improper trust boundary enforcement. When a developer downloads and opens this project in a vulnerable version of Kiro IDE, the malicious code executes with the user's privileges, potentially installing backdoors or stealing sensitive data. …

Remediation: Users should immediately upgrade Kiro IDE to version 0.8.0 or higher, as specified in the vendor advisory at https://aws.amazon.com/security/security-bulletins/2026-009-AWS/. …

Recommended Action (AI-generated)

Within 24 hours: Inventory all Kiro IDE installations across development teams and identify current versions. …
