{"uuid": "d49570df-91f6-4b41-af3a-2db1a9e3b3f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-26030", "type": "seen", "source": "https://bsky.app/profile/heysec.com/post/3mpxedekc4q2k", "content": "Microsoft recorded CVE-2026-26030 and CVE-2026-25592 for prompt injection in Semantic Kernel.\nCalling this \"by design\" confirms a clear risk: malicious text driving tool actions is a recognized threat.\n\nhttps://heysec.com/2026/06/what-prompt-injection-is-and-why-microsoft-is-filing-cves/", "creation_timestamp": "2026-07-06T05:30:32.397158Z"}