github - ghsa-c934-4h55-jp45

ghsa-c934-4h55-jp45

Vulnerability from github

Published

2025-10-08 09:31

Modified

2025-10-08 09:31

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
2.1 (Low) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Details

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be used. Applying a patch is the recommended action to fix this issue.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-11445"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-74"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-08T09:15:33Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be used. Applying a patch is the recommended action to fix this issue.",
  "id": "GHSA-c934-4h55-jp45",
  "modified": "2025-10-08T09:31:14Z",
  "published": "2025-10-08T09:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11445"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Kilo-Org/kilocode/pull/2244"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Kilo-Org/kilocode/pull/2244/commits/2fdddf89edba41ec3a527134e485a3388c464333"
    },
    {
      "type": "WEB",
      "url": "https://mcpsec.dev/advisories/2025-10-02-kilo-code-ai-agent-supply-chain-attack"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.327382"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.327382"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.667004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

CVE-2025-11445 (GCVE-0-2025-11445)

Vulnerability from cvelistv5

Published

2025-10-08 08:32

Modified

2025-10-08 13:09

Severity ?

2.1 (Low) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

CWE

CWE-74 - Injection
CWE-707 - Improper Neutralization

Summary

References

▼	URL	Tags
	https://vuldb.com/?id.327382	vdb-entry, technical-description
	https://vuldb.com/?ctiid.327382	signature, permissions-required
	https://vuldb.com/?submit.667004	third-party-advisory
	https://mcpsec.dev/advisories/2025-10-02-kilo-code-ai-agent-supply-chain-attack/	exploit
	https://github.com/Kilo-Org/kilocode/pull/2244	issue-tracking
	https://github.com/Kilo-Org/kilocode/pull/2244/commits/2fdddf89edba41ec3a527134e485a3388c464333	issue-tracking, patch

Impacted products

	Vendor	Product	Version
	n/a	Kilo Code	Version: 4.0 Version: 4.1 Version: 4.2 Version: 4.3 Version: 4.4 Version: 4.5 Version: 4.6 Version: 4.7 Version: 4.8 Version: 4.9 Version: 4.10 Version: 4.11 Version: 4.12 Version: 4.13 Version: 4.14 Version: 4.15 Version: 4.16 Version: 4.17 Version: 4.18 Version: 4.19 Version: 4.20 Version: 4.21 Version: 4.22 Version: 4.23 Version: 4.24 Version: 4.25 Version: 4.26 Version: 4.27 Version: 4.28 Version: 4.29 Version: 4.30 Version: 4.31 Version: 4.32 Version: 4.33 Version: 4.34 Version: 4.35 Version: 4.36 Version: 4.37 Version: 4.38 Version: 4.39 Version: 4.40 Version: 4.41 Version: 4.42 Version: 4.43 Version: 4.44 Version: 4.45 Version: 4.46 Version: 4.47 Version: 4.48 Version: 4.49 Version: 4.50 Version: 4.51 Version: 4.52 Version: 4.53 Version: 4.54 Version: 4.55 Version: 4.56 Version: 4.57 Version: 4.58 Version: 4.59 Version: 4.60 Version: 4.61 Version: 4.62 Version: 4.63 Version: 4.64 Version: 4.65 Version: 4.66 Version: 4.67 Version: 4.68 Version: 4.69 Version: 4.70 Version: 4.71 Version: 4.72 Version: 4.73 Version: 4.74 Version: 4.75 Version: 4.76 Version: 4.77 Version: 4.78 Version: 4.79 Version: 4.80 Version: 4.81 Version: 4.82 Version: 4.83 Version: 4.84 Version: 4.85 Version: 4.86.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-11445",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-08T13:09:51.795439Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-08T13:09:54.569Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://mcpsec.dev/advisories/2025-10-02-kilo-code-ai-agent-supply-chain-attack/"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Prompt Handler"
          ],
          "product": "Kilo Code",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "4.0"
            },
            {
              "status": "affected",
              "version": "4.1"
            },
            {
              "status": "affected",
              "version": "4.2"
            },
            {
              "status": "affected",
              "version": "4.3"
            },
            {
              "status": "affected",
              "version": "4.4"
            },
            {
              "status": "affected",
              "version": "4.5"
            },
            {
              "status": "affected",
              "version": "4.6"
            },
            {
              "status": "affected",
              "version": "4.7"
            },
            {
              "status": "affected",
              "version": "4.8"
            },
            {
              "status": "affected",
              "version": "4.9"
            },
            {
              "status": "affected",
              "version": "4.10"
            },
            {
              "status": "affected",
              "version": "4.11"
            },
            {
              "status": "affected",
              "version": "4.12"
            },
            {
              "status": "affected",
              "version": "4.13"
            },
            {
              "status": "affected",
              "version": "4.14"
            },
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "status": "affected",
              "version": "4.16"
            },
            {
              "status": "affected",
              "version": "4.17"
            },
            {
              "status": "affected",
              "version": "4.18"
            },
            {
              "status": "affected",
              "version": "4.19"
            },
            {
              "status": "affected",
              "version": "4.20"
            },
            {
              "status": "affected",
              "version": "4.21"
            },
            {
              "status": "affected",
              "version": "4.22"
            },
            {
              "status": "affected",
              "version": "4.23"
            },
            {
              "status": "affected",
              "version": "4.24"
            },
            {
              "status": "affected",
              "version": "4.25"
            },
            {
              "status": "affected",
              "version": "4.26"
            },
            {
              "status": "affected",
              "version": "4.27"
            },
            {
              "status": "affected",
              "version": "4.28"
            },
            {
              "status": "affected",
              "version": "4.29"
            },
            {
              "status": "affected",
              "version": "4.30"
            },
            {
              "status": "affected",
              "version": "4.31"
            },
            {
              "status": "affected",
              "version": "4.32"
            },
            {
              "status": "affected",
              "version": "4.33"
            },
            {
              "status": "affected",
              "version": "4.34"
            },
            {
              "status": "affected",
              "version": "4.35"
            },
            {
              "status": "affected",
              "version": "4.36"
            },
            {
              "status": "affected",
              "version": "4.37"
            },
            {
              "status": "affected",
              "version": "4.38"
            },
            {
              "status": "affected",
              "version": "4.39"
            },
            {
              "status": "affected",
              "version": "4.40"
            },
            {
              "status": "affected",
              "version": "4.41"
            },
            {
              "status": "affected",
              "version": "4.42"
            },
            {
              "status": "affected",
              "version": "4.43"
            },
            {
              "status": "affected",
              "version": "4.44"
            },
            {
              "status": "affected",
              "version": "4.45"
            },
            {
              "status": "affected",
              "version": "4.46"
            },
            {
              "status": "affected",
              "version": "4.47"
            },
            {
              "status": "affected",
              "version": "4.48"
            },
            {
              "status": "affected",
              "version": "4.49"
            },
            {
              "status": "affected",
              "version": "4.50"
            },
            {
              "status": "affected",
              "version": "4.51"
            },
            {
              "status": "affected",
              "version": "4.52"
            },
            {
              "status": "affected",
              "version": "4.53"
            },
            {
              "status": "affected",
              "version": "4.54"
            },
            {
              "status": "affected",
              "version": "4.55"
            },
            {
              "status": "affected",
              "version": "4.56"
            },
            {
              "status": "affected",
              "version": "4.57"
            },
            {
              "status": "affected",
              "version": "4.58"
            },
            {
              "status": "affected",
              "version": "4.59"
            },
            {
              "status": "affected",
              "version": "4.60"
            },
            {
              "status": "affected",
              "version": "4.61"
            },
            {
              "status": "affected",
              "version": "4.62"
            },
            {
              "status": "affected",
              "version": "4.63"
            },
            {
              "status": "affected",
              "version": "4.64"
            },
            {
              "status": "affected",
              "version": "4.65"
            },
            {
              "status": "affected",
              "version": "4.66"
            },
            {
              "status": "affected",
              "version": "4.67"
            },
            {
              "status": "affected",
              "version": "4.68"
            },
            {
              "status": "affected",
              "version": "4.69"
            },
            {
              "status": "affected",
              "version": "4.70"
            },
            {
              "status": "affected",
              "version": "4.71"
            },
            {
              "status": "affected",
              "version": "4.72"
            },
            {
              "status": "affected",
              "version": "4.73"
            },
            {
              "status": "affected",
              "version": "4.74"
            },
            {
              "status": "affected",
              "version": "4.75"
            },
            {
              "status": "affected",
              "version": "4.76"
            },
            {
              "status": "affected",
              "version": "4.77"
            },
            {
              "status": "affected",
              "version": "4.78"
            },
            {
              "status": "affected",
              "version": "4.79"
            },
            {
              "status": "affected",
              "version": "4.80"
            },
            {
              "status": "affected",
              "version": "4.81"
            },
            {
              "status": "affected",
              "version": "4.82"
            },
            {
              "status": "affected",
              "version": "4.83"
            },
            {
              "status": "affected",
              "version": "4.84"
            },
            {
              "status": "affected",
              "version": "4.85"
            },
            {
              "status": "affected",
              "version": "4.86.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "echarris128 (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be used. Applying a patch is the recommended action to fix this issue."
        },
        {
          "lang": "de",
          "value": "In Kilo Code up to 4.86.0 wurde eine Schwachstelle gefunden. Es ist betroffen die Funktion ClineProvider der Datei src/core/webview/ClineProvider.ts der Komponente Prompt Handler. Mittels Manipulieren mit unbekannten Daten kann eine injection-Schwachstelle ausgenutzt werden. Es ist m\u00f6glich, den Angriff aus der Ferne durchzuf\u00fchren. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden. Es wird geraten, einen Patch zu installieren, um dieses Problem zu l\u00f6sen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-74",
              "description": "Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-707",
              "description": "Improper Neutralization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-08T08:32:07.925Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-327382 | Kilo Code Prompt ClineProvider.ts ClineProvider injection",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.327382"
        },
        {
          "name": "VDB-327382 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.327382"
        },
        {
          "name": "Submit #667004 | Kilo Code Kilo Code VS Code Extension 4.86.0 Insecure Permissions",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.667004"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://mcpsec.dev/advisories/2025-10-02-kilo-code-ai-agent-supply-chain-attack/"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/Kilo-Org/kilocode/pull/2244"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/Kilo-Org/kilocode/pull/2244/commits/2fdddf89edba41ec3a527134e485a3388c464333"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-10-07T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-10-07T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-10-07T15:35:25.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Kilo Code Prompt ClineProvider.ts ClineProvider injection"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-11445",
    "datePublished": "2025-10-08T08:32:07.925Z",
    "dateReserved": "2025-10-07T13:30:21.029Z",
    "dateUpdated": "2025-10-08T13:09:54.569Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted