semantic-kernel

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting semantic-kernelpage 1 of 1

CVE-2026-25592CRITICALCVSS 9.9EG 9.9✓ Fixed in 1.39.3
2026-02-06
vulnerable: 0.0.1.dev0 ... 1.9.0 (125 versions)
Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. Prior to 1.71.0, an Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within t…
CVE-2026-26030CRITICALCVSS 9.9EG 9.9✓ Fixed in 1.39.4
2026-02-19
vulnerable: 0.0.1.dev0 ... 1.9.0 (126 versions)
Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable to remote code execution ### Impact: An RCE vulnerability has been identified in Microsoft Semantic Kernel Python SDK, specifically within the `InMemoryVectorSt…

Check whether semantic-kernel is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for semantic-kernel CVEs against the assets you own.

Start Free Scan →