
10 matches found

CNNVD
added 2026/05/17 12:0 a.m. | 3 views

Kilo Code information disclosure vulnerability

Kilo Code is an open-source AI coding assistant developed by Kilo Code. Kilo Code versions 7.0.47 and earlier contained an information disclosure vulnerability. This vulnerability stemmed from improper handling of the KILOCONFIGCONTENT parameter in the Load function of the Environment...

CVSS 6.5 | AI score 5.8 | EPSS 0.00029
Exploits 1 | References 1

CNNVD
added 2026/05/17 12:0 a.m. | 7 views

Kilo Code path traversal vulnerability

Kilo Code is an open-source AI coding assistant developed by Kilo Code. Kilo Code versions 7.0.47 and earlier contained a path traversal vulnerability. This vulnerability stemmed from improper handling of the File parameter in the Bun.file function within the File Diff API Endpoint component...

CVSS 6.5 | AI score 5.8 | EPSS 0.00082
Exploits 1 | References 1

RedhatCVE
added 2025/10/09 1:27 p.m. | 6 views

CVE-2025-11445

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

CVSS 7.5 | AI score 7 | EPSS 0.00045
Exploits 0 | References 1

NVD
added 2025/10/08 9:15 a.m. | 1 view

CVE-2025-11445

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

CVSS 7.5 | EPSS 0.00045
Exploits 0 | References 6

OSV
added 2025/10/08 9:15 a.m. | 2 views

CVE-2025-11445

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

CVSS 5.3 | AI score 5.5 | EPSS 0.00045
Exploits 0 | References 6

Vulnrichment
added 2025/10/08 8:32 a.m. | 1 view

CVE-2025-11445 Kilo Code Prompt ClineProvider.ts ClineProvider injection

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

CVSS 7.5 | AI score 6.7 | EPSS 0.00045
Exploits 0 | References 6

Cvelist
added 2025/10/08 8:32 a.m. | 7 views

CVE-2025-11445 Kilo Code Prompt ClineProvider.ts ClineProvider injection

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

CVSS 7.5 | EPSS 0.00045
Exploits 0 | References 6

CVE
added 2025/10/08 8:32 a.m. | 10 views

CVE-2025-11445

Kilo Code up to 4.86.0 is affected by an injection vulnerability in the ClineProvider function of src/core/webview/ClineProvider.ts within the Prompt Handler component. The issue allows remote manipulation and has publicly disclosed exploits; remediation is to apply the patch. The available docum...

CVSS 7.5 | AI score 6.7 | EPSS 0.00045
Exploits 0 | References 6

Positive Technologies
added 2025/10/08 12:0 a.m. | 1 view

PT-2025-41241

Name of the Vulnerable Software and Affected Versions: Kilo Code versions prior to 4.86.0. Description: A flaw exists in Kilo Code that allows for injection through manipulation of the ClineProvider function within the src/core/webview/ClineProvider.ts file of the Prompt Handler component. This issu...

CVSS 7.5 | AI score 6.4 | EPSS 0.00045
Exploits 0 | References 11

CNNVD
added 2025/10/08 12:0 a.m. | 2 views

Kilo Code security vulnerability

Kilo Code is an AI coding assistant open-sourced by Kilo Code. A security vulnerability exists in Kilo Code 4.86.0 and earlier versions, which stems from improper manipulation of the ClineProvider function in the Prompt Handler component, which could lead to an injection attack...

CVSS 7.5 | AI score 6.6 | EPSS 0.00045
Exploits 0 | References 6