CVE-2026-59865 Kiota: Command injection via x-ms-kiota-info dependencyInstallCommand surfaced by `kiota info`
Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, kiota info read x-ms-kiota-info.languagesInformation..dependencyInstallCommand plus dependency name and version values from an OpenAPI description and presented the spec-supplied command as Kiota's recommended install command,...