CVE-2026-26030: Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable to remote code execution
Impact:
An RCE vulnerability has been identified in the Microsoft Semantic Kernel Python SDK, specifically within the InMemoryVectorStore filter functionality.
Patches:
The problem has been fixed in python-1.39.4. Users should upgrade to this version or higher.
Workarounds:
Avoid using InMemoryVectorStore for production scenarios.
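The referenced fix blocks dangerous attribute names in filter expressions. As an added illustration, not the project's own code, the check below rejects underscore-prefixed attribute access and call nodes in a filter expression before it is evaluated; it assumes filters are Python expressions over a record bound to `x`, and the sample records and field names are constructed.

```python
"""Illustrative allow-list check for filter expressions (example only, not
Semantic Kernel's fix; see the referenced pull request for the real change).
Assumption: a filter is a Python expression over one record bound to `x`,
evaluated once per record, so attribute access inside it must be constrained."""
import ast

# Constructed sample records, not data from the advisory.
RECORDS = [
    {"id": "a", "tag": "public", "score": 3},
    {"id": "b", "tag": "internal", "score": 7},
]


def _check_filter_ast(tree: ast.AST) -> None:
    """Reject any attribute whose name starts with an underscore (dunder or
    private) and any call/import/lambda node, so a filter can only read
    plain record fields and compare them."""
    for node in ast.walk(tree):
        if isinstance(node, ast.Attribute) and node.attr.startswith("_"):
            raise ValueError(f"disallowed attribute in filter: {node.attr}")
        if isinstance(node, (ast.Call, ast.Import, ast.ImportFrom, ast.Lambda)):
            raise ValueError(f"disallowed node in filter: {type(node).__name__}")


class Record:
    """Thin wrapper so a filter can use x.field syntax on a dict record."""
    def __init__(self, data: dict):
        self.__dict__.update(data)


def is_allowed(expression: str) -> bool:
    """True if the expression parses and passes the attribute/call check."""
    try:
        _check_filter_ast(ast.parse(expression, mode="eval"))
        return True
    except (ValueError, SyntaxError):
        return False


def apply_filter(expression: str, records=RECORDS) -> list:
    """Validate `expression`, then return the ids of matching records.
    Raises ValueError before any evaluation if the expression is rejected."""
    tree = ast.parse(expression, mode="eval")
    _check_filter_ast(tree)
    code = compile(tree, "<filter>", "eval")
    # Empty builtins: the expression can only touch the bound record.
    return [r["id"] for r in records
            if eval(code, {"__builtins__": {}}, {"x": Record(r)})]
```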
References:
- Release python-1.39.4 · microsoft/semantic-kernel · GitHub: github.com/microsoft/semantic-kernel/releases/tag/python-1.39.4
- PR to block use of dangerous attribute names that must not be accessed in filter expressions: github.com/microsoft/semantic-kernel/pull/13505
- github.com/advisories/GHSA-xjw9-4gw8-4rqx
- github.com/microsoft/semantic-kernel
- github.com/microsoft/semantic-kernel/security/advisories/GHSA-xjw9-4gw8-4rqx
- nvd.nist.gov/vuln/detail/CVE-2026-26030