CVE-2026-34476

High

Published: 13 April 2026

Published

13 April 2026

Modified

20 April 2026

KEV Added

—

Patch

—

CVSS Score 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

EPSS Score 0.0008 23.3th percentile

Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-34476 is a high-severity SSRF (CWE-918) vulnerability in Apache Skywalking Mcp. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 23.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly addresses the CVE by requiring timely identification, reporting, and correction of the SSRF flaw through upgrading to the fixed Apache SkyWalking MCP version 0.2.0.

SI-10 Information Input Validation good match

prevent

Validates inputs such as the SW-URL header to ensure they conform to expected formats, preventing attackers from forging unauthorized server-side requests to internal or external resources.

SC-7 Boundary Protection partial match

preventdetect

Monitors and controls communications at system boundaries to block or detect unauthorized outbound requests initiated by SSRF exploitation from the vulnerable server.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1046 Network Service Discovery Discovery

Adversaries may attempt to get a listing of services running on remote hosts and local network infrastructure devices, including those that may be vulnerable to remote software exploitation.

attack.mitre.org →

Why these techniques?

SSRF in a network-accessible application directly enables exploitation of public-facing apps (T1190) and facilitates internal network service discovery via forged requests to internal resources (T1046).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue.

Deeper analysisAI

CVE-2026-34476 is a Server-Side Request Forgery (SSRF) vulnerability exploited via the SW-URL Header in Apache SkyWalking MCP version 0.1.0. This flaw, classified under CWE-918, allows unauthorized requests to internal or external resources from the server context. The vulnerability carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N), indicating high severity due to its network accessibility and potential for significant confidentiality impact.

An attacker with low privileges, such as an authenticated user, can exploit this over the network with low complexity and no user interaction required. Successful exploitation enables the attacker to forge requests from the server, potentially accessing sensitive internal services or data, resulting in high confidentiality loss (C:H) and low integrity impact (I:L), with no availability disruption (A:N).

The Apache security advisory recommends upgrading to Apache SkyWalking MCP version 0.2.0, which addresses this issue. Additional details are available in the official Apache mailing list announcement at https://lists.apache.org/thread/v0k1xyzzbtnpyrwxwyn36pbspr8rhjnr and the OSS-Security mailing list at http://www.openwall.com/lists/oss-security/2026/04/13/4.

Details

CWE(s): CWE-918

Affected Products

apache

skywalking mcp

0.1.0 — 0.2.0

AI Security AnalysisAI

AI Category: AI Agent Protocols and Integrations
Risk Domain: Protocol-Specific Risks
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: mcp, mcp

CVEs Like This One

CVE-2026-42404Same vendor: Apache

CVE-2026-5346Shared CWE-918

CVE-2024-45479Same vendor: Apache

CVE-2025-22603Shared CWE-918

CVE-2026-0686Shared CWE-918

CVE-2025-24783Same vendor: Apache

CVE-2026-24343Same vendor: Apache

CVE-2025-61622Same vendor: Apache

CVE-2025-1849Shared CWE-918

CVE-2024-52577Same vendor: Apache

References

https://lists.apache.org/thread/v0k1xyzzbtnpyrwxwyn36pbspr8rhjnr
Vendor Advisory · security@apache.org
http://www.openwall.com/lists/oss-security/2026/04/13/4
Mailing List · af854a3a-2127-422b-91ae-364da2661108