Remote Code Execution Vulnerability in Kiro IDE by Kiro
CVE-2026-5429

7.1HIGH

Key Information:

Vendor

Aws

Status
Kiro Ide
Vendor
CVE Published:
2 April 2026

What is CVE-2026-5429?

An unsanitized input vulnerability in the Kiro Agent webview component of Kiro IDE allows remote unauthenticated attackers to execute arbitrary code. This security flaw arises when a user opens a workspace containing a maliciously crafted color theme name, necessitating user consent to trust the workspace. Users are advised to upgrade to Kiro IDE version 0.8.140 or later to mitigate this issue.

Affected Version(s)

Kiro IDE 0.1 < 0.8.140

References

https://aws.amazon.com/security/security-bulletins/2026-0...
vendor-advisory
https://kiro.dev/changelog/ide/0-8/#patch-0-8-140
release-notes

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.