Microsoft Semantic Kernel CVE-2026-26030 CVSS 9.9 RCE
GitLab Advisory·high signal
Critical RCE in Microsoft Semantic Kernel Python SDK InMemoryVectorStore filter. Code injection with low privileges, no user interaction. Patched in python-1.39.4. Follows LangChain SSRF CVE — AI framework supply chain security is recurring critical vulnerability category.