CVE-2026-59866 - Kiota: Arbitrary file write + code-injection via x-ms-kiota-info clientClassName and clientNamespaceName
CVE ID :CVE-2026-59866 Published : July 16, 2026, 4:19 p.m. | 15 minutes ago Description :Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, Kiota emitted x-ms-kiota-info clientClassName and clientNamespaceName values without identifier or path sanitization as both...