CVE-2026-35577 Missing Host Header Validation in Apollo MCP Server for Localhost Deployments

Apollo MCP Server is a Model Context Protocol server that exposes GraphQL operations as MCP tools. Prior to version 1.7.0, the Apollo MCP Server did not validate the Host header on incoming HTTP requests when using StreamableHTTP transport. In configurations where an HTTP-based MCP server is run ...

Apollo MCP Server 访问控制错误漏洞

The Apollo MCP Server is an open-source service from Apollo GraphQL that exposes GraphQL operations as AI tools. Versions of the Apollo MCP Server prior to 1.7.0 contained a access control vulnerability. This vulnerability stemmed from the lack of validation of the Host header in incoming HTTP...

Apollo Router Core: Browser Bug Enables Bypass of XS-Search Prevention via Read-Only Cross-Site Request Forgery

Impact In a Cross-Site Request Forgery attack, untrusted web content causes browsers to send authenticated requests to web servers which use cookies for authentication. While the web content is prevented from reading the request's response due to the Cross-Origin Request Sharing CORS protocol, th...

GHSA-HFF2-GCPX-8F4P Apollo Router Core: Browser Bug Enables Bypass of XS-Search Prevention via Read-Only Cross-Site Request Forgery

Impact In a Cross-Site Request Forgery attack, untrusted web content causes browsers to send authenticated requests to web servers which use cookies for authentication. While the web content is prevented from reading the request's response due to the Cross-Origin Request Sharing CORS protocol, th...

inigo-rs (>=0.1.5 <=0.27.8) potentially affected by unknown CVE via apollo-router (=1.2.1)

apollo-router CARGO version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on apollo-router and may be impacted: - inigo-rs =0.1.5, =0.27.8 Source cves: unknown CVE Source advisory: OSV:GHSA-HFF2-GCPX-8F4P...

@2ly/runtime (>=0.0.3 <=0.2.5), @aa.tamura/lib-gqf (>=0.0.1 <=0.0.5) +551 more potentially affected by unknown CVE via @apollo/server (>=4.10.0 <=5.4.0)

@apollo/server NPM version =4.10.0, =0.0.3, =0.0.1, =0.0.0, =0.0.9, =1.0.6, =0.0.4, =0.0.29, =0.0.4, =0.0.4, =0.0.29, =0.0.32, =1.1.1, =4.1.0, =0.0.0, =0.2.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-9Q82-XGWF-VJ6H...

2mxdev-gql-gateway (=1.0.0), 4m-node-server (>=0.0.1 <=0.0.8) +3178 more potentially affected by unknown CVE via apollo-server-core (>=1.3.2 <=3.9.0)

apollo-server-core NPM version =1.3.2, =0.0.1, =1.0.2, =0.0.80, =3.10.1, =1.2.0-pre.24, =1.0.1, =1.0.0, =1.0.0, =0.5.0, =1.0.0, =0.1.3, =0.0.1, =0.1.1, =0.0.1, =0.0.5 and more Source cves: unknown CVE Source advisory: SNYK:JS-APOLLOSERVERCORE-15790567...

Apollo Server: Browser bug allows for bypass of XS-Search (read-only Cross-Site Request Forgery) prevention

Impact In a Cross-Site Request Forgery attack, untrusted web content causes browsers to send authenticated requests to web servers which use cookies for authentication. While the web content is prevented from reading the request's response due to the Cross-Origin Request Sharing CORS protocol, an...

GHSA-9Q82-XGWF-VJ6H Apollo Server: Browser bug allows for bypass of XS-Search (read-only Cross-Site Request Forgery) prevention

Impact In a Cross-Site Request Forgery attack, untrusted web content causes browsers to send authenticated requests to web servers which use cookies for authentication. While the web content is prevented from reading the request's response due to the Cross-Origin Request Sharing CORS protocol, an...

2mxdev-gql-gateway (=1.0.0), 4m-node-server (>=0.0.1 <=0.0.8) +3174 more potentially affected by unknown CVE via apollo-server-core (>=1.3.2 <=3.13.0)

apollo-server-core NPM version =1.3.2, =0.0.1, =1.0.2, =0.0.80, =3.10.1, =1.2.0-pre.24, =1.0.1, =1.0.0, =1.0.0, =0.5.0, =1.0.0, =0.1.3, =0.1.0, =0.4.52, =0.0.1, =0.0.5 and more Source cves: unknown CVE Source advisory: OSV:GHSA-9Q82-XGWF-VJ6H...

@apollo/server-integration-testsuite (>=5.0.0 <=5.4.0), @commitspark/graphql-api (>=1.0.0-beta.3 <=1.0.0-beta.6) +24 more potentially affected by unknown CVE via @apollo/server (>=5.0.0-rc.0 <=5.4.0)

@apollo/server NPM version =5.0.0-rc.0, =5.0.0, =1.0.0-beta.3, =1.217.0, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =0.2.3, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.20.2, =2.22.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-APOLLOSERVER-15790568...

Information Exposure

Overview apollo-server-core is a core module of the Apollo community GraphQL Server. Affected versions of this package are vulnerable to Information Exposure in the request handling process. An attacker can infer sensitive information about server responses by issuing specially crafted...

EUVD-2026-16175

Apollo Serve vulnerable to Denial of Service with startStandaloneServer...

CVE-2026-32621

Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Prior to 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2, a vulnerability exists in query plan execution within the gateway that may allow pollution of Object.prototype in certain scenarios. A malicious client m...

CVE-2026-32621

Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Prior to 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2, a vulnerability exists in query plan execution within the gateway that may allow pollution of Object.prototype in certain scenarios. A malicious client m...

Malicious code in typescript-vue-apollo-smart-ops (npm)

The package 'typescript-vue-apollo-smart-ops' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

Apollo Federation 安全漏洞

Apollo Federation is an architecture in the Apollo community that combines APIs into a unified graph through declarative methods. Vulnerabilities exist in versions of Apollo Federation before 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2. These vulnerabilities stem from vulnerabilities in the query...

MAL-2026-1555 Malicious code in typescript-vue-apollo-smart-ops (npm)

The package 'typescript-vue-apollo-smart-ops' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

Prototype Pollution

Overview @apollo/gateway is a library exporting utility functions. Affected versions of this package are vulnerable to Prototype Pollution through incomplete sanitization of input in the query plan execution. An attacker can manipulate the Object.prototype in the gateway by crafting operations wi...

@faasjs/graphql-server (>=0.0.2-beta.4 <=0.0.2-beta.253), @galdirik/common (>=1.0.52 <=1.1.42) +69 more potentially affected by CVE-2026-32621 via @apollo/gateway (>=2.0.0-preview.2 <=2.9.3)

@apollo/gateway NPM version =2.0.0-preview.2, =0.0.2-beta.4, =1.0.52, =1.7.3, =3.0.5, =3.0.4, =0.2.0, =0.11.46, =1.0.0, =1.0.0, =1.0.0, =0.0.1, =8.6.7, =6.0.0-dev.156-swarm.1, =0.7.0-alpha.3, =0.7.32 and more Source cves: CVE-2026-32621 Source advisory: SNYK:JS-APOLLOGATEWAY-15612461...