Microsoft Semantic-Kernel vulnerabilities
2 known vulnerabilities affecting microsoft/semantic-kernel.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2026-26030P2CRITICALCVSS 9.9fixed in 1.39.42026-02-19
CVE-2026-26030 [CRITICAL] CWE-94 CVE-2026-26030: Semantic Kernel, Microsoft's semantic kernel Python SDK, has a remote code execution vulnerability i
Semantic Kernel, Microsoft's semantic kernel Python SDK, has a remote code execution vulnerability in versions prior to 1.39.4, specifically within the `InMemoryVectorStore` filter functionality. The problem has been fixed in version `python-1.39.4`. Users should upgrade this version or higher. As a workaround, avoid using `InMemoryVectorStore` for
ghsanvdosv
CVE-2026-25592P2CRITICALCVSS 9.9fixed in 1.71.02026-02-06
CVE-2026-25592 [CRITICAL] CWE-22 CVE-2026-25592: Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems.
Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. Prior to 1.71.0, an Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. The problem has been fixed in Microsoft.SemanticKernel.Core version 1.71.0. As a mitigati
ghsanvdosv