CVE-2026-9255 - Tool Execution Without Authorization via Piped Stdin in Kiro CLI
Summary
Kiro CLI, a command-line tool that lets developers use AI to run code and shell commands, has a security flaw (CVE-2026-9255): it does not verify where its input comes from before authorizing tool execution. An attacker on the same computer could trick the tool into running arbitrary commands without the user's permission by sending specially crafted data through stdin (the standard input stream that feeds data into a program), because input arriving on a pipe is treated the same as a user typing at the terminal.
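The bug class described above, as an added illustration that is not Kiro CLI's code and does not claim to be the upstream fix: an agent confirms a tool call by reading "y" from stdin. The unchecked version accepts consent from any stream; the hardened version only accepts it from an interactive terminal and otherwise fails closed. `FakeTTY` and the sample commands are constructed for the demonstration.

```python
import io
import sys
from typing import TextIO

# Constructed example of the vulnerability class: consent for a tool
# call is read from stdin without checking what stdin actually is.


def approval_unchecked(stream: TextIO) -> bool:
    """Vulnerable pattern: any 'y' read from the stream counts as user
    consent, even when the stream is a pipe fed by another local process."""
    answer = stream.readline().strip().lower()
    return answer in ("y", "yes")


def approval_hardened(stream: TextIO) -> bool:
    """Hardened pattern: consent is only accepted from an interactive
    terminal. Pipes, files and sockets on stdin are rejected, so the tool
    call is denied instead of being silently approved."""
    if not stream.isatty():
        return False
    answer = stream.readline().strip().lower()
    return answer in ("y", "yes")


def decide_tool_call(command: list[str], stream: TextIO, hardened: bool) -> str:
    """Return 'executed' or 'denied' for a proposed shell command, using
    either the vulnerable or the hardened consent check. The command is
    never actually run here; only the authorization decision is modelled."""
    approved = approval_hardened(stream) if hardened else approval_unchecked(stream)
    return "executed" if approved else "denied"


class FakeTTY(io.StringIO):
    """Constructed stand-in for an interactive terminal (isatty() -> True),
    so the hardened path can be exercised without a real TTY."""

    def isatty(self) -> bool:
        return True


if __name__ == "__main__":
    # Real use: read consent from the process's own stdin. When this script
    # is run as `echo y | python3 example.py`, the hardened check denies.
    print(decide_tool_call(["rm", "-rf", "/tmp/work"], sys.stdin, hardened=True))
```

`isatty()` is the minimal origin check; a tool should also deny when no terminal can be opened at all rather than fall back to reading whatever stdin holds.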
Solution / Mitigation
All kiro-cli versions prior to 1.28.0 are affected. Update kiro-cli to version 1.28.0 or later.
Classification
Affected Vendors
Related Issues
CVE-2026-30308: In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe comman
CVE-2026-40087: LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-str
Original source: https://aws.amazon.com/security/security-bulletins/rss/2026-035-aws/
First tracked: May 22, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 85%