Known Vulnerabilities for Kiro CLI by AWS
Listed below are 4 of the newest known vulnerabilities associated with "Kiro CLI" by "AWS".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-11931 json | Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token ca... | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-10591 json | Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote una... | Not Provided | 2026-06-02 | 2026-06-03 |
| CVE-2026-9255 json | Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute... | Not Provided | 2026-05-22 | 2026-05-23 |
| CVE-2026-5429 json | Unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote una... | Not Provided | 2026-04-02 | 2026-04-02 |