CVE-2026-25592 – Microsoft Semantic Kernel Remote Code Execution Vulnerability
“A critical weakness in an AI orchestration framework could allow attackers to run code and take control of systems integrating AI services.”
This patch addresses a critical vulnerability (CVE-2026-25592) affecting Microsoft Semantic Kernel, a framework used to integrate large language models and AI services into applications. The issue stems from improper handling of certain external inputs within the framework, allowing attackers to inject malicious commands through crafted interactions.
An attacker could exploit this weakness to execute arbitrary code on systems running vulnerable Semantic Kernel deployments. Successful exploitation may allow attackers to manipulate AI workflows, access sensitive data, or gain full control of the host environment where the framework is deployed. CVE-2026-25592 carries a CVSS v3.1 score of 10.0 (Critical).
Microsoft addressed the vulnerability through updates that strengthen input validation and improve how external prompts and plugin interactions are processed within the framework. Systems running vulnerable versions remain exposed to remote compromise until the patched release is deployed.