kilocode — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in kilocode, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-8766	Kilo-Org kilocode Environment Variable config.ts load information disclosure CWE-200	4.3	Medium	2026-05-17
CVE-2026-8765	Kilo-Org kilocode File Diff API Endpoint worktree-diff.ts Bun.file path traversal CWE-22	4.3	Medium	2026-05-17

All 2 known CVE vulnerabilities affecting kilocode with full Chinese analysis, references, and POCs where available.