Vulnerabilities

CVE-2026-0830

by Fred · 09/01/2026

Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces.

To mitigate, users should update to the latest version.

More information : https://aws.amazon.com/security/security-bulletins/2026-001-AWS/

Similar

Tags: Cybersecurity Alert