CVE-2026-4295 | Amazon AWS Kiro IDE up to 0.7.x Project inclusion of functionality from untrusted control sphere

A vulnerability labeled as critical has been found in Amazon AWS Kiro IDE up to 0.7.x. Affected is an unknown function of the component Project Handler. The manipulation results in inclusion of functionality from untrusted control sphere.

This vulnerability was named CVE-2026-4295. The attack may be performed from remote. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More