VYPR

kilocode

by Kilo

CVEs (2)

  • CVE-2025-11445 · Med · Oct 8, 2025
    risk 0.41 · cvss 6.3 · epss 0.00

    A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now…

  • CVE-2026-8765 · Med · May 17, 2026
    risk 0.28 · cvss 4.3 · epss 0.01

    A vulnerability was detected in Kilo-Org kilocode up to 7.0.47. This vulnerability affects the function Bun.file of the file packages/opencode/src/kilocode/review/worktree-diff.ts of the component File Diff API Endpoint. Performing a manipulation of the argument File results in…