CVE-2026-59865 - Kiota: Command injection via x-ms-kiota-info dependencyInstallCommand surfaced by `kiota info`
CVE ID :CVE-2026-59865 Published : July 16, 2026, 4:19 p.m. | 15 minutes ago Description :Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, `kiota info` read x-ms-kiota-info.languagesInformation..dependencyInstallCommand plus dependency name and version values from an...