RCE in Microsoft Kiota

CVE-2026-59865

Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, `kiota info` read x-ms-kiota-info.languagesInformation.<language>.dependencyInstallCommand plus dependency name and version values from an OpenAPI description and prese…

Vulnerability class: RCE (Remote Code Execution)

Affected products

Weakness classification (CWE)

References