CVE-2026-11931
Awaiting Analysis Awaiting Analysis - Queue

Incorrect Default Permissions in Kiro IDE Leading to Token Cache Exposure

Vulnerability report for CVE-2026-11931, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-15

Last updated on: 2026-06-15

Assigner: AMZN

Description

Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions (0644) instead of owner-restricted permissions (0600). To remediate this issue, users should upgrade to Kiro IDE version 0.11.133 or later. After upgrading and restarting the application, the cache file permissions are automatically updated on the next token refresh. Users operating in a multi-user environment can invalidate existing tokens by reauthenticating.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-15
Last Modified
2026-06-15
Generated
2026-07-06
AI Q&A
2026-06-15
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
kiro ide From 0.11.133 (inc)
kiro ide 0.11.133

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-276 During installation, installed file permissions are set to allow anyone to modify those files.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-11931 is a security vulnerability in Kiro IDE on macOS and Linux versions before 0.11.133. The issue is that the authentication token cache file was created with incorrect default permissions, making it world-readable (0644) instead of restricted to the owner only (0600). This means other local users or processes on the same system could potentially access sensitive authentication tokens.

Impact Analysis

This vulnerability could allow unauthorized local users or processes to read the authentication token cache file due to its overly permissive file permissions. As a result, attackers could gain access to sensitive authentication tokens, potentially leading to unauthorized access or actions within the Kiro IDE environment.

Detection Guidance

This vulnerability can be detected by checking the permissions of the authentication token cache file used by Kiro IDE on macOS or Linux systems. Specifically, you should verify if the file permissions are set to world-readable (0644) instead of owner-restricted (0600).

You can use commands like the following to detect the vulnerable permission settings:

  • Find the token cache file location used by Kiro IDE.
  • Run: ls -l /path/to/token_cache_file
  • Check if the permissions show '-rw-r--r--' (0644) instead of '-rw-------' (0600).

Alternatively, you can use the find command to locate files with world-readable permissions, for example:

  • find /path/to/kiro/cache/ -type f -perm 0644
Mitigation Strategies

To mitigate this vulnerability, you should immediately upgrade Kiro IDE to version 0.11.133 or later, where the issue has been fixed.

After upgrading and restarting the application, the cache file permissions will be automatically updated on the next token refresh.

If you operate in a multi-user environment, it is recommended to invalidate existing tokens by reauthenticating to ensure that any potentially exposed tokens are no longer valid.

Compliance Impact

The vulnerability in Kiro IDE allows the authentication token cache file to be world-readable instead of restricted to the owner, potentially exposing sensitive authentication tokens to other local users or processes.

This exposure of sensitive authentication information could lead to unauthorized access, which may violate data protection requirements in common standards and regulations such as GDPR and HIPAA that mandate strict controls over access to sensitive data.

To remediate this and maintain compliance, users must upgrade to Kiro IDE version 0.11.133 or later, which corrects the file permissions to be owner-restricted (0600), thereby reducing the risk of unauthorized access.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-11931. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart