CVE-2026-5429
Published: 02 April 2026
Summary
CVE-2026-5429 is a high-severity cross-site scripting (CWE-79) vulnerability affecting Amazon (vendor inferred from references). Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002). The CVE is ranked at the 9.7th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).
Deeper analysis
CVE-2026-5429 affects the Kiro Agent webview in Kiro IDE versions before 0.8.140, where unsanitized input during web page generation allows arbitrary code execution. The trigger is a crafted color theme name that the webview does not handle properly, which maps to CWE-79 (cross-site scripting). The vulnerability was published on 2026-04-02 and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H): high impact, low attack complexity, and user interaction required.
A remote unauthenticated threat actor can exploit this by embedding malicious content in a workspace's color theme name. Exploitation occurs when a local user opens the workspace and explicitly trusts it upon prompting, enabling the attacker to execute arbitrary code on the victim's system with high confidentiality, integrity, and availability impacts.
Mitigation requires upgrading to Kiro IDE version 0.8.140. Official guidance appears in the AWS security bulletin at https://aws.amazon.com/security/security-bulletins/2026-012-aws/ and the Kiro changelog at https://kiro.dev/changelog/ide/0-8/#patch-0-8-140.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-18519
Vulnerability details
Unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote unauthenticated threat actor to execute arbitrary code via a potentially damaging crafted color theme name when a local user opens the workspace. This issue requires the user to trust the workspace when prompted. To remediate this issue, users should upgrade to version 0.8.140.
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1204.002 Malicious File
Why these techniques?
The vulnerability enables arbitrary code execution via a crafted malicious workspace color theme name that requires user interaction to open and trust, directly facilitating T1204.002 Malicious File.
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly mitigates unsanitized input in webview page generation by validating color theme names and rejecting malicious payloads before processing.
- SI-15 (Information Output Filtering): prevents arbitrary code execution by filtering outputs during web page generation in the Kiro Agent webview to block XSS-like attacks from crafted inputs.
- SI-2 (Flaw Remediation): ensures timely flaw remediation by upgrading to Kiro IDE 0.8.140, which fixes the input sanitization vulnerability.
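The two controls above, input validation (SI-10) and output filtering (SI-15), are easiest to see side by side in the kind of code that produces webview HTML. The following is an added illustration, not code from Kiro, AWS or the advisory: the theme name, the banner template and the allowlist pattern are constructed assumptions, and nothing here reflects how the Kiro Agent webview is actually implemented. It contrasts raw string interpolation of a workspace-supplied name with an allowlist check followed by HTML encoding, and counts the tags in the result to show whether the untrusted name changed the page structure.

```javascript
// Added example (not Kiro's code): placing a workspace-supplied color theme
// name into webview HTML. Theme name, template and allowlist are constructed.

// Constructed sample: a theme name as a workspace file might supply it.
// It contains HTML metacharacters but no working payload.
const UNTRUSTED_THEME_NAME = 'Solarized <Dark> & "Light"';

// Vulnerable pattern: raw interpolation of untrusted text into markup.
// Metacharacters in the name become part of the attribute and element tree.
function renderThemeBannerUnsafe(themeName) {
  return `<div class="theme-banner" data-theme="${themeName}">${themeName}</div>`;
}

// SI-15-style output filtering: encode the HTML metacharacters so the name is
// rendered as text regardless of what it contains.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

function renderThemeBannerSafe(themeName) {
  const safe = escapeHtml(themeName);
  return `<div class="theme-banner" data-theme="${safe}">${safe}</div>`;
}

// SI-10-style input validation: accept only names shaped like a theme name
// (this allowlist is an assumption, not Kiro's rule) with a length cap.
// Returns null for anything else so the caller can fall back to a default.
const THEME_NAME_PATTERN = /^[A-Za-z0-9][A-Za-z0-9 _.+()-]{0,63}$/;
function validateThemeName(themeName) {
  if (typeof themeName !== 'string') return null;
  return THEME_NAME_PATTERN.test(themeName) ? themeName : null;
}

// Defense in depth: validate first, fall back to a default, and still encode on
// output, so a later relaxation of the allowlist cannot reintroduce injection.
function renderThemeBanner(themeName, fallback = 'Default') {
  const validated = validateThemeName(themeName) || fallback;
  return renderThemeBannerSafe(validated);
}

// Number of tags in the rendered markup. The banner itself contributes exactly
// two (<div ...> and </div>); anything more came from the untrusted name.
function countTags(html) {
  return (html.match(/<[^>]+>/g) || []).length;
}

// Stand-alone run: compare both renderings of the constructed sample.
console.log('unsafe tags:', countTags(renderThemeBannerUnsafe(UNTRUSTED_THEME_NAME)));
console.log('safe tags:  ', countTags(renderThemeBannerSafe(UNTRUSTED_THEME_NAME)));
console.log('validated:  ', renderThemeBanner(UNTRUSTED_THEME_NAME));
```

The unsafe rendering turns the sample name into three tags and also breaks out of the `data-theme` attribute, while the encoded rendering keeps exactly the two tags of the banner. Validation on its own is not a substitute for encoding: the allowlist rejects the sample, but the encoder is what guarantees text stays text if the allowlist is ever widened.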