CVE-2026-59867
CVE-2026-59867 affects Kiota, an OpenAPI-based HTTP client code generator. Before 1.32.5, Kiota’s OpenAPI $ref resolution could fetch remote http(s) URLs or read local absolute/out-of-tree file paths, enabling build‑time SSRF, remote file inclusion, and local file inclusion when generating client...