CVE-2026-4295

Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted project directory files that bypass workspace trust protections when a local user opens the directory. To remediate this issue, users should upgrade to version 0.8.0 or higher.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://aws.amazon.com/security/security-bulletins/2026-009-AWS/
https://kiro.dev/changelog/ide/0-8/

Configurations

No configuration.

History

18 Mar 2026, 14:52

Type	Values Removed	Values Added
Summary		(es) La aplicación inadecuada de límites de confianza en Kiro IDE antes de la versión 0.8.0 en todas las plataformas compatibles podría permitir a un actor de amenaza remoto no autenticado ejecutar código arbitrario mediante archivos de directorio de proyecto creados maliciosamente que eluden las protecciones de confianza del espacio de trabajo cuando un usuario local abre el directorio. Para remediar este problema, los usuarios deben actualizar a la versión 0.8.0 o superior.

17 Mar 2026, 20:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-17 20:16

Updated : 2026-03-18 14:52

NVD link : CVE-2026-4295

Mitre link : CVE-2026-4295

CVE.ORG link : CVE-2026-4295

JSON object : View

Products Affected

No product.

CWE

CWE-829

Inclusion of Functionality from Untrusted Control Sphere

{"id": "CVE-2026-4295", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-17T20:16:14.840", "references": [{"url": "https://aws.amazon.com/security/security-bulletins/2026-009-AWS/", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}, {"url": "https://kiro.dev/changelog/ide/0-8/", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "description": [{"lang": "en", "value": "CWE-829"}]}], "descriptions": [{"lang": "en", "value": "Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted project directory files that bypass workspace trust protections when a local user opens the directory.\n\n\n\nTo remediate this issue, users should upgrade to version 0.8.0 or higher."}, {"lang": "es", "value": "La aplicaci\u00f3n inadecuada de l\u00edmites de confianza en Kiro IDE antes de la versi\u00f3n 0.8.0 en todas las plataformas compatibles podr\u00eda permitir a un actor de amenaza remoto no autenticado ejecutar c\u00f3digo arbitrario mediante archivos de directorio de proyecto creados maliciosamente que eluden las protecciones de confianza del espacio de trabajo cuando un usuario local abre el directorio.\n\nPara remediar este problema, los usuarios deben actualizar a la versi\u00f3n 0.8.0 o superior."}], "lastModified": "2026-03-18T14:52:44.227", "sourceIdentifier": "ff89ba41-3aa1-4d27-914a-91399e9639e5"}