CVE-2026-12856: Malicious JavaDoc Links Enable Arbitrary VS Code Command Execution — Casky — Casky