❌

Normal view

Received β€” 28 April 2026 ⏭ /r/netsec - Information Security News & Discussion

[Research] Full-chain RCE in Microsoft Semantic Kernel & Agent Framework 1.0 (6 Bypasses)

Summary: I’m disclosing a full-chain CVSS 10.0 RCE affecting Microsoft Semantic Kernel (.NET v1.74) and the new Agent Framework 1.0.

The Timeline & Conflict: > * March 24: Initial disclosure sent to MSRC with PoC.

  • April 8: MSRC closed the case as "Developer Error / Configuration Issue."
  • The Reality: Despite the rejection, Microsoft silently merged mitigations in PRs #13683 and #13702 without assigning a CVE. This results in a "False Green" for enterprise SCA tools (Snyk/Checkmarx/Dependabot) while the bypasses remain functional.

Technical Scope:

  • Architectural Trust Gap (CWE-1039): Auto-invocation logic treats non-deterministic LLM output as a high-privilege system coordinator without a sandbox boundary.
  • 6 Day-Zero Bypasses: Discovery of Type Confusion and Unicode homoglyphs that defeat the "hardened" baseline in the April 2026 releases.
  • Versioning: Persistence confirmed from .NET v1.7x through the Agent Framework 1.0 re-baseline.

Full paper, .cast exploit recordings, and a production-ready C# remediation filter are available at the link.

submitted by /u/JDP-SEC
[link] [comments]
Received β€” 4 March 2026 ⏭ /r/netsec - Information Security News & Discussion

/r/netsec's Q1 2026 Information Security Hiring Thread

Overview

If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.

We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.

Please reserve top level comments for those posting open positions.

Rules & Guidelines

Include the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.

  • If you are a third party recruiter, you must disclose this in your posting.
  • Please be thorough and upfront with the position details.
  • Use of non-hr'd (realistic) requirements is encouraged.
  • While it's fine to link to the position on your companies website, provide the important details in the comment.
  • Mention if applicants should apply officially through HR, or directly through you.
  • Please clearly list citizenship, visa, and security clearance requirements.

You can see an example of acceptable posts by perusing past hiring threads.

Feedback

Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)

submitted by /u/netsec_burn
[link] [comments]
❌