How to fix CVE-2026-5429?

Within 24 hours: Inventory all Kiro IDE installations and identify affected versions (< 0.8.140). Communicate to users that Kiro IDE use is restricted until patch availability is confirmed. Within 7 days: Document all Kiro IDE instances and business-critical workflows dependent on the tool; establish alternative development environments where possible. Within 30 days: Deploy patched version 0.8.140 or later across all endpoints upon vendor release; conduct post-deployment verification that no malicious workspaces were opened during the vulnerability window.

CVE-2026-5429

EUVD-2026-18519 HIGH

2026-04-02 AMZN

GHSA-7v7j-vpv5-h468

7.1

CVSS 4.0

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

Analysis Generated

Apr 02, 2026 - 19:01 vuln.today

EUVD ID Assigned

Apr 02, 2026 - 19:01 euvd

EUVD-2026-18519

CVE Published

Apr 02, 2026 - 18:37 nvd

HIGH 7.1

Description

Unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote unauthenticated threat actor to execute arbitrary code via a potentially damaging crafted color theme name when a local user opens the workspace. This issue requires the user to trust the workspace when prompted. To remediate this issue, users should upgrade to version 0.8.140.

Analysis

Arbitrary code execution in AWS Kiro IDE versions prior to 0.8.140 occurs when a local user opens a maliciously crafted workspace containing an unsanitized color theme name, exploiting improper neutralization of input during webview generation. The attack requires user interaction (trusting the workspace when prompted) and can deliver full system compromise with high confidentiality, integrity, and availability impact. …

Remediation

Within 24 hours: Inventory all Kiro IDE installations and identify affected versions (< 0.8.140). Communicate to users that Kiro IDE use is restricted until patch availability is confirmed. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +36

POC: 0

CVE-2026-5429 vulnerability details – vuln.today

Back

CVE-2026-5429

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-5429

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code