CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/04/15 12:0 a.m.•4 views

Apache SkyWalking 安全漏洞

Apache SkyWalking is an application performance monitor developed by the Apache Foundation in the United States. It is primarily used for applications in microservices, cloud-native environments, and container-based systems. Versions of Apache SkyWalking starting from 10.3.0 contain security...

7.5CVSS5.8AI score0.00544EPSS

EUVD•added 2026/04/13 3:31 p.m.•1 views

EUVD-2026-21918

Github Security Blog•added 2026/04/13 3:31 p.m.•7 views

Apache SkyWalking MCP: Server-Side Request Forgery via SW-URL Header in MCP Server

Exploits0References4Affected Software1

NVD•added 2026/04/13 1:16 p.m.•2 views

CVE-2026-34476

7.1CVSS0.00346EPSS

CNNVD•added 2026/04/13 12:0 a.m.•3 views

Apache SkyWalking MCP 安全漏洞

Apache SkyWalking MCP is a distributed system-oriented observability data management and processing component developed by the Apache Foundation. Version 0.1.0 of Apache SkyWalking MCP contains a security vulnerability, which stems from server-side request forgery in the SW-URL header...

Positive Technologies•added 2026/04/13 12:0 a.m.•4 views

PT-2026-32512

Apache SkyWalking CVE-2025-54057: Stored XSS https://t.co/U4ZzTJS7iT CVE-2026-34476: SSRF via SW-URL Header in MCP Server https://t.co/zPXOQv1Xff CVE-2026-34884: SSRF via set skywalking url Tool and GraphQL Expression Injection in MCP Server https://t.co/5H4PWKYENG...

7.1CVSS5.8AI score0.00614EPSS

Positive Technologies•added 2026/04/13 12:0 a.m.•4 views

PT-2026-32336

Veracode•added 2025/12/08 11:7 a.m.•6 views

Cross-site Scripting

Apache SkyWalking is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper neutralization of script-related HTML tags, allowing attackers to inject malicious JavaScript into web pages...

6.1CVSS6AI score0.00614EPSS

Exploits0References6Affected Software1

CNVD•added 2025/12/03 12:0 a.m.•6 views

Apache SkyWalking Cross-Site Scripting Vulnerability (CNVD-2025-30566)

Apache SkyWalking is an application performance monitor from the Apache Foundation that is primarily used in environments such as microservices, cloud-native and container-based. A cross-site scripting vulnerability exists in Apache SkyWalking version 10.2.0 and earlier, which stems from not...

6.1CVSS6.1AI score0.00614EPSS

RedhatCVE•added 2025/12/02 10:31 p.m.•3 views

CVE-2025-54057

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking: = 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue...

6.1CVSS6.6AI score0.00614EPSS

EUVD•added 2025/11/27 12:30 p.m.•3 views

EUVD-2025-199821

6AI score0.00614EPSS

Exploits0References3

OSV•added 2025/11/27 12:30 p.m.•2 views

GHSA-V6X2-4Q87-RF82 Apache SkyWalking has a stored XSS vulnerability

There is an Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking versions = 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue. Version 10.3.0 has not been uploaded to th...

6.1CVSS5.8AI score0.00614EPSS

Exploits0References5

Github Security Blog•added 2025/11/27 12:30 p.m.•5 views

Apache SkyWalking has a stored XSS vulnerability

6.1CVSS6.6AI score0.00614EPSS

Exploits0References5Affected Software1

NVD•added 2025/11/27 12:15 p.m.•5 views

CVE-2025-54057

6.1CVSS0.00614EPSS

Exploits0References3

OSV•added 2025/11/27 12:15 p.m.•3 views

CVE-2025-54057

6.1CVSS6.5AI score

CVE•added 2025/11/27 11:47 a.m.•19 views

CVE-2025-54057

Apache SkyWalking contains a stored/basic XSS vulnerability (CVE-2025-54057) due to improper neutralization of script-related HTML tags. Affects SkyWalking

6.1CVSS6.2AI score0.00614EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/11/27 11:47 a.m.•3 views

CVE-2025-54057 Apache SkyWalking: Stored XSS vulnerability

6.2AI score0.00614EPSS