Share
## https://sploitus.com/exploit?id=CA5BC12A-765B-5101-9555-4813FD4E179C
# Microsoft Semantic Kernel  B[Passed to VectorStore query/filter]
    B --> C[InMemoryVectorStore evaluates filter expression unsafely]
    C --> D[Unsafe attribute resolution via __class__ / __base__ / __subclasses__]
    D --> E[Access to __init__.__globals__ containing os and __builtins__]
    E --> F[Arbitrary code execution e.g. os.system]
    F --> G[Remote Code Execution in application context]
    style G fill:#ff6666,stroke:#333,stroke-width:2px
```

## Exploit Details

- **CVE**: CVE-2026-26030  
- **Date**: 2026-02-24  
- **Exploit Author**: Mohammed Idrees Banyamer  
- **Country**: Jordan  
- **Instagram**: @banyamer_security  
- **GitHub**: [mbanyamer](https://github.com/mbanyamer)  
- **Vendor Homepage**: https://github.com/microsoft/semantic-kernel  
- **Package**: https://pypi.org/project/semantic-kernel/  
- **Affected versions**: semantic-kernel = 1.39.4**

Applications using `InMemoryVectorStore` should:

- Never pass untrusted/user-controlled strings into filter expressions
- Apply strict input validation / sanitization if filters must be dynamic
- Consider safer / more restricted vector store implementations

## License
MIT License

Copyright ยฉ 2026 Mohammed Idrees Banyamer