CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-9255 - Tool Execution Without Authorization via Piped Stdin in Kiro CLI

unknownCVE-2026-9255
Bulletin ID: 2026-035-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/22/2026 09:45 AM PDT Description: Kiro CLI is a command-line AI coding assistant that enables developers to interact with AI models to execute code, manage files, and run shell commands. We identified CVE-2026-9255, an issue where missing input source validation in the tool authorization prompt could allow a local actor to execute arbitrary tools, including shell commands, without user approval by crafting content that is piped to kiro-cli via stdin. Impacted versions: kiro-cli prior to 1.28.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.

CSIRTS triage

What
Missing input source validation could allow local actors to execute arbitrary tools without user approval.
Who is affected
Users of Kiro CLI versions prior to 1.28.0.
Urgency
Remediation is urgent as it allows unauthorized tool execution.
Action
Upgrade Kiro CLI to version 1.28.0 or later.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch Kiro CLI

Get an email when a new Kiro CLI advisory drops — max one per day, one-click unsubscribe.

Details

Source
AWS Security Bulletins (INTL · vendor-psirt · site)
Severity
unknown
Published
2026-06-05
Exploitation
Not in CISA KEV at last sync

Original advisory: https://aws.amazon.com/security/security-bulletins/rss/2026-035-aws/

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2026-9255coverage & exploitation statusNVD · CVE.org

Recent advisories for - Tool Execution

A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.

More from AWS Security Bulletins