6 matches found
CVE-2026-0830
Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version...
CVE-2026-0830
Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version...
CVE-2026-0830 Command Injection in Kiro GitLab Merge Request Helper
Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version...
CVE-2026-0830
CVE-2026-0830 affects Kiro IDE (pre-0.6.18). The vulnerability arises from processing specially crafted workspace folder names in the GitLab Merge Request helper, which can lead to arbitrary command injection on the user’s machine when opening malicious workspaces. Public sources (NVD, Red Hat, C...
EUVD-2026-1682
Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version...
PT-2026-2030
Name of the Vulnerable Software and Affected Versions Kiro IDE versions prior to 0.6.18 Description Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper. This occurs when opening maliciously crafted workspaces. The...