PT-2026-60492 · Microsoft · Kiota
CVE-2026-59867
·
Published
2026-07-16
·
Updated
2026-07-16
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N |
Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, Kiota resolved OpenAPI $ref values by fetching remote http(s) URLs and reading local absolute or out-of-tree file paths, allowing
kiota generate on an attacker-controlled or attacker-influenced description to perform build-time SSRF, remote file inclusion, and local file inclusion by inlining external schemas such as REMOTE KIOTA PROP or Leaked into generated clients. This issue is fixed in version 1.32.5 by AllowedExternalOriginsStreamLoader and the --allowed-external-origins option.Fix
Path traversal
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Kiota