CVE-2026-11931

Insecure Permissions on Authentication Token Cache File in Kiro IDE

CVSS 6.8 MEDIUMEPSS 0.1%CWE-276

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.8EPSS 0.1%KEV nãoPoC —Patch referenciado

Lifecycle

15 Jun 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions (0644) instead of owner-restricted permissions (0600). To remediate this issue, users should upgrade to Kiro IDE version 0.11.133 or later. After upgrading and restarting the application, the cache file permissions are automatically updated on the next token refresh. Users operating in a multi-user environment can invalidate existing tokens by reauthenticating.

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected products

AWS · Kiro IDE

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://aws.amazon.com/security/security-bulletins/2026-045-aws/https://kiro.dev/changelog/ide/0-11/#patch-0-11-133