{"vulnerability": "CVE-2026-59865", "sightings": [{"uuid": "6b07b4be-456d-4405-aec7-65cf365e2927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59865", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqrm6qrdhu2u", "content": "CVE-2026-59865 - Kiota: Command injection via x-ms-kiota-info dependencyInstallCommand surfaced by `kiota info`\nCVE ID : CVE-2026-59865\n \n Published : July 16, 2026, 2:43 p.m. | 51\u00a0minutes ago\n \n Description : Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32...", "creation_timestamp": "2026-07-16T16:00:20.475199Z"}, {"uuid": "3acaee8b-a1dc-4528-a7ff-f455fd725c4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59865", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqrou5lqyq2o", "content": "CVE-2026-59865 - kiota\nThe Kiota tool can execute malicious commands when generating install instructions for dependencies. This happened when Kiota read and executed commands from compromised or\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#kiota #microsoft #CVE #infosec", "creation_timestamp": "2026-07-16T16:48:05.831505Z"}]}