All 5 CVE vulnerabilities found in Kiro IDE, with AI-generated Chinese analysis, references, and POCs.
Vendor: AWS
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-11931 | Insecure Permissions on Authentication Token Cache File in Kiro IDE CWE-276 | 5.5 | Medium | 2026-06-15 |
| CVE-2026-10591 | Kiro IDE Insufficient File Write Restrictions to Execution-Sensitive Paths CWE-732 | 8.8 | High | 2026-06-02 |
| CVE-2026-5429 | Kiro IDE Webview Cross-Site Scripting via Workspace Color Theme CWE-79 | 7.8 | High | 2026-04-02 |
| CVE-2026-4295 | Arbitrary code execution via crafted project files in Kiro IDE CWE-829 | 7.8 | High | 2026-03-17 |
| CVE-2026-0830 | Command Injection in Kiro GitLab Merge Request Helper CWE-78 | 7.8 | High | 2026-01-09 |
All 5 known CVE vulnerabilities affecting Kiro IDE with full Chinese analysis, references, and POCs where available.