{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4295", "assignerOrgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "state": "PUBLISHED", "assignerShortName": "AMZN", "dateReserved": "2026-03-16T17:38:37.520Z", "datePublished": "2026-03-17T19:11:58.702Z", "dateUpdated": "2026-03-18T14:07:58.063Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "shortName": "AMZN", "dateUpdated": "2026-03-17T19:11:58.702Z"}, "title": "Arbitrary code execution via crafted project files in Kiro IDE", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-829", "description": "CWE-829 Inclusion of functionality from untrusted control sphere", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-242", "descriptions": [{"lang": "en", "value": "CAPEC-242 Code Injection"}]}], "affected": [{"vendor": "AWS", "product": "Kiro IDE", "versions": [{"status": "affected", "version": "0.1.0", "lessThan": "0.8.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted project directory files that bypass workspace trust protections when a local user opens the directory.\n\n\n\nTo remediate this issue, users should upgrade to version 0.8.0 or higher.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously<em> </em>crafted project directory files that bypass workspace trust protections when a local user opens the directory.<br><br></p><p>To remediate this issue, users should upgrade to version 0.8.0 or higher.</p>"}]}], "references": [{"url": "https://aws.amazon.com/security/security-bulletins/2026-009-AWS/", "tags": ["vendor-advisory"]}, {"url": "https://kiro.dev/changelog/ide/0-8/", "tags": ["release-notes"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.5, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-18T14:07:37.796475Z", "id": "CVE-2026-4295", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T14:07:58.063Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4295", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-18T14:07:37.796475Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T14:07:48.006Z"}}], "cna": {"title": "Arbitrary code execution via crafted project files in Kiro IDE", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-242", "descriptions": [{"lang": "en", "value": "CAPEC-242 Code Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "AWS", "product": "Kiro IDE", "versions": [{"status": "affected", "version": "0.1.0", "lessThan": "0.8.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://aws.amazon.com/security/security-bulletins/2026-009-AWS/", "tags": ["vendor-advisory"]}, {"url": "https://kiro.dev/changelog/ide/0-8/", "tags": ["release-notes"]}], "x_generator": {"engine": "Vulnogram 1.0.0"}, "descriptions": [{"lang": "en", "value": "Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted project directory files that bypass workspace trust protections when a local user opens the directory.\n\n\n\nTo remediate this issue, users should upgrade to version 0.8.0 or higher.", "supportingMedia": [{"type": "text/html", "value": "<p>Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously<em> </em>crafted project directory files that bypass workspace trust protections when a local user opens the directory.<br><br></p><p>To remediate this issue, users should upgrade to version 0.8.0 or higher.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-829", "description": "CWE-829 Inclusion of functionality from untrusted control sphere"}]}], "providerMetadata": {"orgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "shortName": "AMZN", "dateUpdated": "2026-03-17T19:11:58.702Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4295", "state": "PUBLISHED", "dateUpdated": "2026-03-18T14:07:58.063Z", "dateReserved": "2026-03-16T17:38:37.520Z", "assignerOrgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "datePublished": "2026-03-17T19:11:58.702Z", "assignerShortName": "AMZN"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted project directory files that bypass workspace trust protections when a local user opens the directory.\n\n\n\nTo remediate this issue, users should upgrade to version 0.8.0 or higher."}, {"lang": "es", "value": "La aplicaci\u00f3n inadecuada de l\u00edmites de confianza en Kiro IDE antes de la versi\u00f3n 0.8.0 en todas las plataformas compatibles podr\u00eda permitir a un actor de amenaza remoto no autenticado ejecutar c\u00f3digo arbitrario mediante archivos de directorio de proyecto creados maliciosamente que eluden las protecciones de confianza del espacio de trabajo cuando un usuario local abre el directorio.\n\nPara remediar este problema, los usuarios deben actualizar a la versi\u00f3n 0.8.0 o superior."}], "id": "CVE-2026-4295", "lastModified": "2026-03-18T14:52:44.227", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary"}]}, "published": "2026-03-17T20:16:14.840", "references": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "url": "https://aws.amazon.com/security/security-bulletins/2026-009-AWS/"}, {"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "url": "https://kiro.dev/changelog/ide/0-8/"}], "sourceIdentifier": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-829"}], "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.1.0,0.8.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Kiro IDE", "source": "cna", "vendor": "AWS"}, "product": "kiro_ide", "vendor": "aws"}], "analysis": {"en": {"generated_at": "2026-03-17T20:36:25.109159+00:00", "value": {"mitigation_remediation": ["Upgrade to Kiro IDE version 0.8.0 or newer."], "summary": {"action": "Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Affected systems include the AWS\u2011branded Kiro IDE on all supported platforms, specifically any release older than 0.8.0. The build changelog indicates that the fix was introduced in the 0.8.0 release, meaning all earlier versions are vulnerable regardless of platform.", "description_and_impact": "The vulnerability arises from improper trust boundary enforcement in Kiro IDE before version 0.8.0. Code running inside the IDE incorrectly accepts partially trusted project directory files, allowing a malicious actor to inject arbitrary code that is executed when a local user opens the directory. This flaw is mapped to CWE-829 and results in Remote Code Execution, potentially compromising confidentiality, integrity, and availability of the host system.", "risk_and_exploitability": "The CVSS score of 8.5 indicates a high severity with an impact of arbitrary code execution. EPSS data is not available and the vulnerability is not listed in CISA\u2019s KEV catalog. Because the flaw can be triggered by a local user who opens a crafted project directory, an unauthenticated remote attacker can deliver such a directory and cause the affected user to unwittingly execute code. No known exploits have been published yet, but the combination of high severity and an easily exploitable attack vector warrants immediate remediation."}}}}, "created": "2026-03-18T10:42:54.656516+00:00", "updated": "2026-03-24T10:54:43.973149+00:00", "vendors": ["aws", "aws$PRODUCT$kiro_ide"]}