Incorrect Permissions in Kiro IDE Exposes Sensitive Cache Files on macOS and Linux
CVE-2026-11931

6.8 MEDIUM

Key Information:

Vendor: AWS

Status
Vendor
CVE Published: 15 June 2026

What is CVE-2026-11931?

Kiro IDE on macOS and Linux prior to version 0.11.133 applies incorrect default file permissions to its authentication token cache: the cache file is set to world-readable (0644) instead of owner-only (0600), so other local users or processes can read it. Users are urged to upgrade to Kiro IDE version 0.11.133 or later; the cache file permissions are corrected during the next token refresh after the application restarts. In environments with multiple users, existing tokens may also be invalidated by reauthenticating.
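The permission difference described above, as an added Python example (not Kiro's code): a file written with default settings ends up 0644 under the common umask 022, an owner-only write tightens an existing file on the next write, and an audit helper flags any group/other access. The file name `token-cache.json`, the sample token and all function names are assumptions made for illustration; the page does not give the real cache path.

```python
import os
import stat
import tempfile

def write_default(path, data):
    """Plain open(): mode is 0666 & ~umask, i.e. 0644 under umask 022."""
    with open(path, "w") as fh:
        fh.write(data)

def write_private(path, data):
    """Owner-only write that also tightens a file left at 0644 by an earlier write."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    try:
        # The O_CREAT mode is ignored when the file already exists, so set it explicitly.
        os.fchmod(fd, 0o600)
        os.write(fd, data.encode())
    finally:
        os.close(fd)

def mode_of(path):
    """Permission bits only, e.g. 0o644."""
    return stat.S_IMODE(os.stat(path).st_mode)

def audit(path, fix=False):
    """Return (mode, exposed); exposed means group or other has any access."""
    mode = mode_of(path)
    exposed = bool(mode & (stat.S_IRWXG | stat.S_IRWXO))
    if exposed and fix:
        os.chmod(path, 0o600)
    return mode, exposed

def demo():
    """Write the same constructed token both ways and audit after each write."""
    old = os.umask(0o022)  # common default umask on macOS and Linux
    try:
        with tempfile.TemporaryDirectory() as d:
            cache = os.path.join(d, "token-cache.json")  # hypothetical file name
            write_default(cache, '{"token": "CONSTRUCTED-SAMPLE"}')
            before = audit(cache)
            write_private(cache, '{"token": "CONSTRUCTED-SAMPLE"}')
            after = audit(cache)
            return before, after
    finally:
        os.umask(old)

if __name__ == "__main__":
    (m1, e1), (m2, e2) = demo()
    print(f"default write: {m1:04o} exposed={e1}")
    print(f"private write: {m2:04o} exposed={e2}")
```

`audit(path, fix=True)` can be pointed at a real cache file once its location is known; tightening the mode does not revoke a token that was already readable, which is why the advisory also mentions reauthenticating.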

Affected Version(s)

Kiro IDE Linux 0 < 0.11.133

CVSS V4

Score: 6.8
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

BeyondTrust Phantom Labs