CVE-2026-26030

Обходное решение

The following has been identified as a workaround for this vulnerability.

Avoid using

InMemoryVectorStore

for production scenarios.

FAQ

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.

How could an attacker exploit this vulnerability?

An attacker would need to reach an application that uses the vulnerable Semantic Kernel Python SDK and allows users to submit filter strings (for example, as part of search or query options) over the network. By sending a specially crafted filter value to such an application, the attacker could cause their code to run on the server with the application’s permissions, without needing to sign in or rely on any action from another user, provided this functionality is exposed to untrusted input.