
CVE-2026-5429: CWE-79 Improper neutralization of input during web page generation ('cross-site scripting') in AWS Kiro IDE

Severity: High
Tags: Vulnerability, CVE-2026-5429, CWE-79
Published: Thu Apr 02 2026 (04/02/2026, 18:37:42 UTC)
Source: CVE Database V5
Vendor/Project: AWS
Product: Kiro IDE

Description

Unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote unauthenticated threat actor to execute arbitrary code via a potentially damaging crafted color theme name when a local user opens the workspace. This issue requires the user to trust the workspace when prompted. To remediate this issue, users should upgrade to version 0.8.140.

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 04/02/2026, 19:29:30 UTC

Technical Analysis

CVE-2026-5429 is a cross-site scripting (CWE-79) vulnerability affecting AWS Kiro IDE prior to version 0.8.140. The flaw stems from improper neutralization of input during web page generation within the Kiro Agent webview component. Specifically, the vulnerability is triggered by a crafted color theme name embedded in a workspace. When a local user opens such a workspace and accepts the prompt to trust it, the theme name is rendered into the webview without adequate sanitization, allowing a remote, unauthenticated attacker who supplied the workspace to execute arbitrary code in the context of the IDE's webview. This can lead to full compromise of the IDE environment, including unauthorized access to sensitive data, modification of files, or disruption of IDE functionality. The attack requires user interaction: the user must trust the workspace when prompted, which limits the ease of exploitation but still poses a significant risk. The vulnerability has a CVSS 3.1 base score of 7.8, reflecting high impact on confidentiality, integrity, and availability, with low attack complexity and no privileges required. AWS has addressed the issue in version 0.8.140, and users are strongly advised to upgrade. No public exploits have been reported yet, but the potential for damage is substantial given that the flaw yields arbitrary code execution from attacker-supplied workspace content.

Potential Impact

The vulnerability allows a remote attacker to execute arbitrary code within the Kiro IDE environment, potentially leading to full compromise of the development environment. This can result in unauthorized access to source code, credentials, and other sensitive data managed within the IDE. The integrity of code and configurations can be altered, creating supply chain risk or introducing malicious code into projects. Availability may also be affected if the IDE or associated services are disrupted. Because exploitation requires the user to trust a malicious workspace, social engineering is the likely delivery vector, raising the risk in environments where developers frequently open external or shared workspaces (for example, cloned repositories or shared project folders). Organizations relying on Kiro IDE for software development, especially those handling sensitive or proprietary code, face risks of intellectual property theft, code tampering, and operational disruption.

Mitigation Recommendations

1. Upgrade AWS Kiro IDE to version 0.8.140 or later immediately to apply the official patch addressing this vulnerability.
2. Implement strict policies to verify and validate all workspaces before trusting them, especially those obtained from external or untrusted sources.
3. Educate developers and users about the risks of trusting unknown workspaces and encourage skepticism of unsolicited workspace prompts.
4. Employ endpoint security solutions that can detect anomalous behavior within IDE environments, such as unexpected script execution or network activity.
5. Consider sandboxing or isolating development environments to limit the impact of potential code execution exploits.
6. Monitor IDE logs and network traffic for signs of exploitation attempts or unusual activity related to workspace loading.
7. Regularly review and update security awareness training to include emerging threats related to development tools and environments.


Technical Details

Data Version: 5.2
Assigner Short Name: AMZN
Date Reserved: 2026-04-02T15:46:40.727Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 69cec35ae6bfc5ba1dfb4ce4

Added to database: 4/2/2026, 7:28:26 PM

Last enriched: 4/2/2026, 7:29:30 PM

Last updated: 4/3/2026, 6:53:17 AM

