CVE-2026-9255— Tool Execution Without Authorization via Piped Stdin in Kiro CLI
Possible ATT&CK Techniques 2AI
T1059 · Command and Scripting Interpreter T1203 · Exploitation for Client ExecutionGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-9255
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tool Execution Without Authorization via Piped Stdin in Kiro CLI
Source: NVD (National Vulnerability Database)
Vulnerability Description
Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin. We recommend you to upgrade to kiro-cli version 1.28.0 or later.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制缺失
Source: NVD (National Vulnerability Database)
Vulnerability Title
Amazon Web Services Kiro CLI 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Amazon Web Services Kiro CLI是美国亚马逊(Amazon)公司的一个支持AI代理、MCP集成与终端自动化的命令行智能编程工具。 Amazon Web Services Kiro CLI 1.28.0之前版本存在安全漏洞,该漏洞源于工具授权提示缺少输入源验证,可能导致本地攻击者通过stdin管道传输特制内容至kiro-cli,在未经用户批准的情况下执行任意工具包括shell命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-9255
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-9255
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-9255 (1)
Vendor Pages for CVE-2026-9255 (1)
- 🔗 Refreshed Terminal UI for Kiro CLI - Kirorelease-notes
IV. Related Vulnerabilities
Same vendor: AWS
- CVE-2026-9291
Insecure Deserialization in Amazon Braket SDK Job Results Pr - CVE-2026-9133
Arbitrary file read in rabbitmq-aws plugin - CVE-2026-8838
Remote Code Execution via eval() Injection in amazon-redshif - CVE-2026-7461
OS Command Injection in Amazon ECS Agent via FSx Windows Fil - CVE-2026-7426
Out-of-Bounds Write via Unsanitized Prefix Length in Router
Same weakness: CWE-862
- CVE-2026-6937
Appointment Booking Calendar <= 1.6.11.8 - Missing Authoriza - CVE-2026-9015
Equalize Digital Accessibility Checker <= 1.42.0 - Missing A - CVE-2026-8689
Visualizer: Tables and Charts Manager for WordPress <= 3.11. - CVE-2026-8682
3D Viewer <= 2.0.1 - Missing Authorization to Authenticated - CVE-2026-7621
SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to A
V. Comments for CVE-2026-9255
No comments yet