CVE-2026-4295 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arb…
High CVSS: 8.5

CVE-2026-4295

Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted project directory files that bypass workspace trust protections when a local user opens the directory.



To remediate this issue, users should upgrade to version 0.8.0 or higher.
Vendor
-
Product
-
CWE
CWE-829
Yayın Tarihi
2026-03-17 20:16:14
Güncelleme
2026-03-18 14:52:44
Source Identifier
ff89ba41-3aa1-4d27-914a-91399e9639e5
KEV Date Added
-

Kategoriler

CWE-829 HIGH 2026

Referanslar

https://aws.amazon.com/security/security-bulletins/2026-009-AWS/ https://kiro.dev/changelog/ide/0-8/