Aws Kiro Ide
4 CVEs affecting Aws Kiro Ide. Latest disclosed: 2026-06-02. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-10591 | High | 8.8 | 2026-06-02 | Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arb… |
CVE-2026-5429 | High | 7.8 | 2026-04-02 | Unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote unauthenticated threat actor to execu… |
CVE-2026-4295 | High | 7.8 | 2026-03-17 | Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute ar… |
CVE-2026-0830 | High | 7.8 | 2026-01-09 | Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before vers… |