{"data":{"id":"fe3c1da1-1e68-40e6-9c8d-a08286241447","title":"CVE-2026-11931 - Insecure Permissions on Authentication Token Cache File in Kiro IDE","summary":"Kiro IDE, an AI-powered development tool, had a security flaw in versions before 0.11.133 where authentication token cache files (files storing login credentials) were saved with world-readable permissions on macOS and Linux, meaning any user or process on the same computer could read them instead of just the owner.","solution":"Update Kiro IDE to version 0.11.133 or later.","labels":["security"],"sourceUrl":"https://aws.amazon.com/security/security-bulletins/rss/2026-045-aws/","publishedAt":"2026-06-15T18:41:08.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["pii_leakage"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Kiro IDE"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-15T18:41:08.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}