Aws Kiro Ide
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Aws Kiro Ide.
By the Year
In 2026 there have been 2 vulnerabilities in Aws Kiro Ide with an average score of 7.2 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 7.15 |
It may take a day or so for new Kiro Ide vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Aws Kiro Ide Security Vulnerabilities
Kiro IDE 0.11.133 fixes insecure token cache permissions (CVE-2026-11931)
CVE-2026-11931
5.5 - Medium
- June 15, 2026
Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions (0644) instead of owner-restricted permissions (0600). To remediate this issue, users should upgrade to Kiro IDE version 0.11.133 or later. After upgrading and restarting the application, the cache file permissions are automatically updated on the next token refresh. Users operating in a multi-user environment can invalidate existing tokens by reauthenticating.
Incorrect Default Permissions
Amazon Kiro IDE <0.11 File Write CA Remote Exec
CVE-2026-10591
8.8 - High
- June 02, 2026
Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary commands via crafted instructions that cause writes to execution-sensitive paths (such as .vscode/tasks.json), enabling auto-execution on folder open. To remediate this issue, users should upgrade to Kiro IDE version 0.11 or later.
Incorrect Permission Assignment for Critical Resource
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Aws Kiro Ide or by Aws? Click the Watch button to subscribe.
