Kiro CLI <1.28.0: Missing input validation allows arbitrary tool exec via stdin
CVE-2026-9255 Published on May 22, 2026

Tool Execution Without Authorization via Piped Stdin in Kiro CLI
Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin. We recommend you to upgrade to kiro-cli version 1.28.0 or later.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2026-9255 can be exploited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is an AuthZ Vulnerability?

The software does not perform an authorization check when an actor attempts to access a resource or perform an action.

CVE-2026-9255 has been classified to as an AuthZ vulnerability or weakness.

Products Associated with CVE-2026-9255

Want to know whenever a new CVE is published for Aws Kiro Cli? stack.watch will email you.

Aws Kiro Cli

Affected Versions

AWS Kiro CLI:

Before 1.28.0 is affected.

Kiro CLI <1.28.0: Missing input validation allows arbitrary tool exec via stdinCVE-2026-9255 Published on May 22, 2026

Vulnerability Analysis

Weakness Type

What is an AuthZ Vulnerability?

Products Associated with CVE-2026-9255

Affected Versions

Kiro CLI <1.28.0: Missing input validation allows arbitrary tool exec via stdin
CVE-2026-9255 Published on May 22, 2026