Critical severity9.9NVD Advisory· Published Feb 6, 2026· Updated Apr 15, 2026
CVE-2026-25592
CVE-2026-25592
Description
Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. Prior to 1.71.0, an Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. The problem has been fixed in Microsoft.SemanticKernel.Core version 1.71.0. As a mitigation, users can create a Function Invocation Filter which checks the arguments being passed to any calls to DownloadFileAsync or UploadFileAsync and ensures the provided localFilePath is allow listed.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
semantic-kernelPyPI | < 1.39.3 | 1.39.3 |
Microsoft.SemanticKernel.CoreNuGet | < 1.71.0 | 1.71.0 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/advisories/GHSA-2ww3-72rp-wpp4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-25592ghsaADVISORY
- github.com/microsoft/semantic-kernel/blob/main/dotnet/samples/Demos/CodeInterpreterPlugin/Program.csnvdWEB
- github.com/microsoft/semantic-kernel/pull/13478/changesnvdWEB
- github.com/microsoft/semantic-kernel/security/advisories/GHSA-2ww3-72rp-wpp4nvdWEB
News mentions
0No linked articles in our index yet.