A vulnerability marked as critical has been reported in Red Hat OpenShift Dev Spaces. The impacted element is an unknown function of the component vscode-java Extension. This manipulation causes argument injection.
This vulnerability appears as CVE-2026-12856. The attack may be initiated remotely. There is no available exploit.
