Cyber Resilience

CVE-2026-34476

High

Published: 13 April 2026

Published
13 April 2026
Modified
20 April 2026
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
EPSS Score 0.0008 23.4th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-34476 is a high-severity SSRF (CWE-918) vulnerability in Apache Skywalking Mcp. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 23.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-34476 is a Server-Side Request Forgery (SSRF) vulnerability exploited via the SW-URL Header in Apache SkyWalking MCP version 0.1.0. This flaw, classified under CWE-918, allows unauthorized requests to internal or external resources from the server context. The vulnerability carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N), indicating high severity due to its network accessibility and potential for significant confidentiality impact.

An attacker with low privileges, such as an authenticated user, can exploit this over the network with low complexity and no user interaction required. Successful exploitation enables the attacker to forge requests from the server, potentially accessing sensitive internal services or data, resulting in high confidentiality loss (C:H) and low integrity impact (I:L), with no availability disruption (A:N).

The Apache security advisory recommends upgrading to Apache SkyWalking MCP version 0.2.0, which addresses this issue. Additional details are available in the official Apache mailing list announcement at https://lists.apache.org/thread/v0k1xyzzbtnpyrwxwyn36pbspr8rhjnr and the OSS-Security mailing list at http://www.openwall.com/lists/oss-security/2026/04/13/4.

EU & UK References

Vulnerability details

Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue.

CWE(s)

AI Security AnalysisAI

AI Category
AI Agent Protocols and Integrations
Risk Domain
Protocol-Specific Risks
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: mcp

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1046 Network Service Discovery Discovery
Adversaries may attempt to get a listing of services running on remote hosts and local network infrastructure devices, including those that may be vulnerable to remote software exploitation.
Why these techniques?

SSRF in a network-accessible application directly enables exploitation of public-facing apps (T1190) and facilitates internal network service discovery via forged requests to internal resources (T1046).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-45479Same vendor: Apache
CVE-2026-42404Same vendor: Apache
CVE-2026-31910Same vendor: Apache
CVE-2026-29226Same vendor: Apache
CVE-2026-5346Shared CWE-918
CVE-2025-22603Shared CWE-918
CVE-2026-27446Same vendor: Apache
CVE-2024-32838Same vendor: Apache
CVE-2024-13924Shared CWE-918
CVE-2026-42860Shared CWE-918

Affected Assets

apache
skywalking mcp
0.1.0 — 0.2.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the CVE by requiring timely identification, reporting, and correction of the SSRF flaw through upgrading to the fixed Apache SkyWalking MCP version 0.2.0.

prevent

Validates inputs such as the SW-URL header to ensure they conform to expected formats, preventing attackers from forging unauthorized server-side requests to internal or external resources.

preventdetect

Monitors and controls communications at system boundaries to block or detect unauthorized outbound requests initiated by SSRF exploitation from the vulnerable server.

References