CNNVD-202601-1593 Information

CNNVD ID

CNNVD-202601-1593

Related CVE

CVE-2026-0830

• CNNVD Published: 2026-01-09

Description (Chinese)

Kiro IDE是Kiro开源的一款集成开发环境。 Kiro IDE 0.6.18之前版本存在安全漏洞，该漏洞源于处理特制工作空间文件夹名称时存在命令注入漏洞，可能导致执行任意命令。

Description (English)

Kiro IDE is an integrated development environment for the Kiro open source. A security gap existed in the previous version of Kiro IDE 0.6.18, which resulted from the introduction of a command gap in the handling of a special workspace folder name, which could lead to the execution of an arbitrary order.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Kiro

Published

2026-01-09

Last Modified

2026-02-24

References

https://aws.amazon.com/security/security-bulletins/2026-001-AWS/ https://kiro.dev/changelog/spec-correctness-and-cli/