CVE-2026-41134 | Microsoft kiota up to 1.31.0 Query Parameter code injection (GHSA-2hx3-vp6r-mg3f)

A vulnerability classified as critical was found in Microsoft kiota up to 1.31.0. Affected is an unknown function of the component Query Parameter Handler. Such manipulation leads to code injection.

This vulnerability is uniquely identified as CVE-2026-41134. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More