Kiro IDE
Authentication token cache file exposure in Kiro IDE on macOS and Linux allows any local user to read credentials belonging to other users, because the cache file is created with world-readable permissions (0644) instead of the security-appropriate owner-only permissions (0600). All versions before 0.11.133 are affected on UNIX-based platforms; the vulnerability is confirmed by AWS via security bulletin 2026-045 and has been assigned CWE-276 (Incorrect Default Permissions). No public exploit code has been identified at the time of analysis, but exploitation requires no technical sophistication: only filesystem read access on a shared system.
Arbitrary command execution in Amazon Kiro IDE versions prior to 0.11 allows remote attackers to plant malicious task definitions (e.g., .vscode/tasks.json) via the IDE's file write tool; these definitions then auto-execute when a developer opens the affected workspace folder. The CVSS 4.0 score of 8.6 reflects network-reachable abuse with high confidentiality, integrity, and availability impact, contingent on a single user action (opening the folder). No public exploit has been identified at the time of analysis, and the issue is not listed in CISA KEV.
Arbitrary code execution in AWS Kiro IDE versions prior to 0.8.140 occurs when a local user opens a maliciously crafted workspace containing an unsanitized color theme name, exploiting improper neutralization of input during webview generation. The attack requires user interaction (trusting the workspace when prompted) and can deliver full system compromise with high confidentiality, integrity, and availability impact. No public exploit has been identified at the time of analysis, though the SSVC framework rates the technical impact as total with manual (non-automatable) exploitation potential.
A trust boundary enforcement vulnerability in Kiro IDE allows remote attackers to execute arbitrary code when a local user opens a maliciously crafted project directory. The vulnerability affects all versions of Kiro IDE prior to 0.8.0 on all supported platforms and bypasses the workspace trust protections designed to prevent unauthorized code execution. While it is not currently listed in CISA KEV and does not show a high EPSS score, the vulnerability enables remote code execution through local user interaction.