Kiro Ide

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-4295 HIGH This Week

A trust boundary enforcement vulnerability in Kiro IDE allows remote attackers to execute arbitrary code when a local user opens a maliciously crafted project directory. The vulnerability affects all versions of Kiro IDE prior to 0.8.0 on all supported platforms and bypasses workspace trust protections designed to prevent unauthorized code execution. While not currently listed in CISA KEV or showing high EPSS scores, the vulnerability enables remote code execution through local user interaction.

RCE Kiro Ide

NVD VulDB

CVSS 3.1

7.8

EPSS

0.0%

CVE-2026-4295

EPSS 0% CVSS 7.8

HIGH This Week

A trust boundary enforcement vulnerability in Kiro IDE allows remote attackers to execute arbitrary code when a local user opens a maliciously crafted project directory. The vulnerability affects all versions of Kiro IDE prior to 0.8.0 on all supported platforms and bypasses workspace trust protections designed to prevent unauthorized code execution. While not currently listed in CISA KEV or showing high EPSS scores, the vulnerability enables remote code execution through local user interaction.

RCE Kiro Ide

NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy