PT-2026-5361 · Microsoft+1 · Vscode+1

Hackerman70000 · Published 2026-01-29 · Updated 2026-03-03 · CVE-2026-25046

CVSS v3.1: 2.9 (Low)
Vector: AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Kimi Agent SDK versions prior to 0.1.6
Description: The Kimi Agent SDK libraries expose the Kimi Code agent runtime in applications. The vsix-publish.js and ovsx-publish.js scripts pass filenames to execSync() as part of a shell command string, so a filename containing shell metacharacters, such as $(cmd), could execute arbitrary commands. The issue is present only in the repository's development scripts and does not affect published VSCode extensions.
Recommendations: Update to version 0.1.6 or later, which replaces execSync with execFileSync using array arguments. Ensure .vsix files in the project directory have safe filenames before running the publish scripts.

Command Injection

Weakness Enumeration

Related Identifiers

CVE-2026-25046
GHSA-MV58-GXX5-8HJ3

Affected Products

Kimi-Agent-Sdk
Vscode