CVE-2026-8765

Summary

A vulnerability was detected in Kilo-Org kilocode up to 7.0.47. This vulnerability affects the function Bun.file of the file packages/opencode/src/kilocode/review/worktree-diff.ts of the component File Diff API Endpoint. Performing a manipulation of the argument File results in path traversal. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
Kilo-Orgkilocode7.0.0affected
Kilo-Orgkilocode7.0.1affected
Kilo-Orgkilocode7.0.2affected
Kilo-Orgkilocode7.0.3affected
Kilo-Orgkilocode7.0.4affected
Kilo-Orgkilocode7.0.5affected
Kilo-Orgkilocode7.0.6affected
Kilo-Orgkilocode7.0.7affected
Kilo-Orgkilocode7.0.8affected
Kilo-Orgkilocode7.0.9affected
Kilo-Orgkilocode7.0.10affected
Kilo-Orgkilocode7.0.11affected
Kilo-Orgkilocode7.0.12affected
Kilo-Orgkilocode7.0.13affected
Kilo-Orgkilocode7.0.14affected
Kilo-Orgkilocode7.0.15affected
Kilo-Orgkilocode7.0.16affected
Kilo-Orgkilocode7.0.17affected
Kilo-Orgkilocode7.0.18affected
Kilo-Orgkilocode7.0.19affected
Kilo-Orgkilocode7.0.20affected
Kilo-Orgkilocode7.0.21affected
Kilo-Orgkilocode7.0.22affected
Kilo-Orgkilocode7.0.23affected
Kilo-Orgkilocode7.0.24affected
Kilo-Orgkilocode7.0.25affected
Kilo-Orgkilocode7.0.26affected
Kilo-Orgkilocode7.0.27affected
Kilo-Orgkilocode7.0.28affected
Kilo-Orgkilocode7.0.29affected
Kilo-Orgkilocode7.0.30affected
Kilo-Orgkilocode7.0.31affected
Kilo-Orgkilocode7.0.32affected
Kilo-Orgkilocode7.0.33affected
Kilo-Orgkilocode7.0.34affected
Kilo-Orgkilocode7.0.35affected
Kilo-Orgkilocode7.0.36affected
Kilo-Orgkilocode7.0.37affected
Kilo-Orgkilocode7.0.38affected
Kilo-Orgkilocode7.0.39affected
Kilo-Orgkilocode7.0.40affected
Kilo-Orgkilocode7.0.41affected
Kilo-Orgkilocode7.0.42affected
Kilo-Orgkilocode7.0.43affected
Kilo-Orgkilocode7.0.44affected
Kilo-Orgkilocode7.0.45affected
Kilo-Orgkilocode7.0.46affected
Kilo-Orgkilocode7.0.47affected

Weaknesses

  • CWE-22: Path Traversal

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References