EUVD-2026-31471

Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin. We recommend you to upgrade to kiro-cli version...

Use of Incorrectly-Resolved Name or Reference

Overview Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference via the MCPTool.Name sanitization in the NewMCPTool registration process in internal/agent/tools. An attacker can execute arbitrary MCP tools and inject prompts to exfiltrate context by...