- CVSS
- MEDIUM · 6.3 v3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
- Published
- 2025-10-08
- Weakness
- CWE-74, CWE-707
- Source
- nvd.nist.gov/vuln/detail/CVE-2025-11445
Description
A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be used. Applying a patch is the recommended action to fix this issue.
References
- https://github.com/Kilo-Org/kilocode/pull/2244
- https://github.com/Kilo-Org/kilocode/pull/2244/commits/2fdddf89edba41ec3a527134e485a3388c464333
- https://mcpsec.dev/advisories/2025-10-02-kilo-code-ai-agent-supply-chain-attack/
- https://vuldb.com/?ctiid.327382
- https://vuldb.com/?id.327382
- https://vuldb.com/?submit.667004
How GTK Cyber trains on this
AI security training at GTK Cyber covers the LLM and ML-pipeline vulnerability classes that vulnerabilities like CVE-2025-11445 fall into. Our hands-on courses are taught by Charles Givre and other practitioners who break and defend production AI systems.