Microsoft urges users to update the PowerShell command-line tool as soon as possible to protect against a critical remote code execution vulnerability. The issue, tracked as CVE-2021-26701 (CVSS score: 8.1), affects Windows PowerShell versions 7.0 and 7.1. The problem resides in the “System.Text.Encodings.Web” package, which provides types for encoding and escaping strings for use in JavaScript, HTML, and URLs. Windows PowerShell 5.1 isn’t impacted by the flaw.
Source: https://thehackernews.com/2021/07/microsoft-urges-azure-users-to-update.html