Unrated severityNVD Advisory· Published May 22, 2026· Updated May 23, 2026

Tool Execution Without Authorization via Piped Stdin in Kiro CLI

CVE-2026-9255

Description

Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin.

We recommend you to upgrade to kiro-cli version 1.28.0 or later.

Affected products

Kiro/Kiro CLIllm-create
Range: <1.28.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

aws.amazon.com/security/security-bulletins/2026-035-aws/mitrevendor-advisory
kiro.dev/changelog/cli/1-28/mitrerelease-notes

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000