PT-2026-6792 · Microsoft · Semantic-Kernel

Amiteliahu · Published 2026-02-06 · Updated 2026-05-10

CVE-2026-25592 · CVSS v3.1 9.9 Critical

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Microsoft Semantic Kernel versions prior to 1.71.0

Description: Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. A critical Arbitrary File Write issue exists within the SessionsPythonPlugin, allowing remote path traversal and arbitrary file writes. The issue is due to unchecked paths when handling file operations. The vulnerability affects developers who have built applications using the Microsoft Semantic Kernel .NET SDK and the SessionsPythonPlugin. The DownloadFileAsync and UploadFileAsync functions are specifically implicated, with the localFilePath argument being the key point of concern.

Recommendations: Versions prior to 1.71.0 should be updated to version 1.71.0 or later. As a mitigation, create a Function Invocation Filter that validates the arguments passed to DownloadFileAsync and UploadFileAsync, ensuring the localFilePath is allow-listed.
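The mitigation described above, as an added C# example that is not code from this advisory or from the Semantic Kernel project: an IFunctionInvocationFilter that rejects DownloadFileAsync and UploadFileAsync calls whose localFilePath resolves outside a single allowed directory. The plugin name "SessionsPythonPlugin" and the allowed root directory are assumptions.

```csharp
using System;
using System.IO;
using System.Threading.Tasks;
using Microsoft.SemanticKernel;

// Runs before every kernel function invocation and rejects SessionsPythonPlugin
// file transfers whose localFilePath resolves outside one allow-listed directory.
public sealed class LocalFilePathAllowListFilter : IFunctionInvocationFilter
{
    private readonly string _allowedRoot;
    private readonly StringComparison _cmp =
        OperatingSystem.IsWindows() ? StringComparison.OrdinalIgnoreCase : StringComparison.Ordinal;

    public LocalFilePathAllowListFilter(string allowedRoot)
    {
        // Canonicalise once and keep a trailing separator so that
        // "/srv/files-other" does not pass a prefix check against "/srv/files".
        _allowedRoot = Path.GetFullPath(allowedRoot)
            .TrimEnd(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar)
            + Path.DirectorySeparatorChar;
    }

    public async Task OnFunctionInvocationAsync(
        FunctionInvocationContext context, Func<FunctionInvocationContext, Task> next)
    {
        // Assumed plugin name (the type name, the default when the plugin is imported).
        // Semantic Kernel normally drops the "Async" suffix from function names,
        // so both spellings are matched.
        bool isFileTransfer =
            context.Function.PluginName == "SessionsPythonPlugin" &&
            context.Function.Name is "DownloadFile" or "DownloadFileAsync"
                                  or "UploadFile" or "UploadFileAsync";

        if (isFileTransfer &&
            context.Arguments.TryGetValue("localFilePath", out object? raw) &&
            raw is string localFilePath && localFilePath.Length > 0)
        {
            // GetFullPath resolves "..", "." and relative segments against the
            // current directory; the result must sit beneath the allowed root.
            string resolved = Path.GetFullPath(localFilePath);
            if (!resolved.StartsWith(_allowedRoot, _cmp))
            {
                throw new KernelException(
                    $"{context.Function.Name}: localFilePath '{localFilePath}' " +
                    "resolves outside the allowed directory and was rejected.");
            }
        }

        await next(context); // argument accepted, let the plugin run
    }
}
```

Register it with `kernel.FunctionInvocationFilters.Add(new LocalFilePathAllowListFilter("/srv/session-files"))` so the check also covers tool calls a model selects, not only direct invocations from application code.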

Weakness Enumeration

Path traversal

Related Identifiers

CVE-2026-25592
GHSA-2WW3-72RP-WPP4

Affected Products

Semantic-Kernel
SessionsPythonPlugin