Skip to main content

Kilo-Org Kilocode CVE-2026-8766

| EUVDEUVD-2026-30710 LOW
Information Exposure (CWE-200)
2026-05-17 VulDB GHSA-rpc6-9c4p-j5cg
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Severity Changed
May 17, 2026 - 23:22 NVD
MEDIUM LOW
CVSS changed
May 17, 2026 - 23:22 NVD
4.3 (MEDIUM) 2.1 (LOW)
Analysis Generated
May 17, 2026 - 23:00 vuln.today

DescriptionCVE.org

A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executing a manipulation of the argument KILO_CONFIG_CONTENT can lead to information disclosure. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Information disclosure in Kilo-Org Kilocode versions up to 7.0.47 allows authenticated remote attackers to access sensitive configuration data by manipulating the KILO_CONFIG_CONTENT environment variable through the config.ts Load function. Public exploit code exists (EPSS probability data not provided), enabling low-complexity attacks that expose confidential information without requiring user interaction. The vendor has been unresponsive to disclosure attempts, and no patch release has been confirmed.

Technical ContextAI

This vulnerability affects the Environment Variable Handler component of Kilocode, specifically the Load function in packages/opencode/src/config/config.ts. The issue stems from CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), where improper validation or sanitization of the KILO_CONFIG_CONTENT environment variable allows attackers to manipulate configuration loading mechanisms. Environment variable injection vulnerabilities commonly occur in Node.js/TypeScript applications when user-controlled input influences configuration file paths or content loading without adequate input validation. The affected CPE (cpe:2.3:a:kilo-org:kilocode:*:*:*:*:*:*:*:*) indicates this is a widespread issue across the Kilocode product line through version 7.0.47.

RemediationAI

No vendor-released patch identified at time of analysis despite early vendor notification. Organizations using Kilocode 7.0.47 or earlier should implement compensating controls immediately. Restrict access to environment variable configuration mechanisms by enforcing strict authentication and authorization on any interfaces that accept or process KILO_CONFIG_CONTENT values-this may require code-level changes to validate input sources. Deploy runtime application self-protection (RASP) or web application firewall (WAF) rules to detect and block requests attempting to inject malicious content into environment variables, though this may cause false positives if legitimate configuration updates use similar patterns. Isolate Kilocode instances in network segments with minimal exposure and limit authenticated user permissions to only those requiring configuration access, accepting the operational overhead of manual configuration management. Monitor application logs for anomalous Load function calls or environment variable modifications. Consider migrating to alternative configuration management solutions if vendor continues non-responsiveness. The public exploit at https://gist.github.com/YLChen-007/32b444e49ced1a46bde5a68933ccd09f should be reviewed to understand exact attack techniques for detection rule development.

Share

CVE-2026-8766 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy