Lucene search
K

50 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.12 views

CVE-2026-34476

Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue...

7.1CVSS5.4AI score0.00346EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.7 views

Apache SkyWalking 安全漏洞

Apache SkyWalking is an application performance monitor developed by the Apache Foundation in the United States. It is primarily used for applications in microservices, cloud-native environments, and container-based systems. Versions of Apache SkyWalking starting from 10.3.0 contain security...

7.5CVSS5.8AI score0.00544EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/13 3:31 p.m.3 views

EUVD-2026-21918

Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue...

7.1CVSS5.8AI score0.00346EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/13 3:31 p.m.11 views

Apache SkyWalking MCP: Server-Side Request Forgery via SW-URL Header in MCP Server

Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue...

7.1CVSS5.8AI score0.00346EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/04/13 1:16 p.m.4 views

CVE-2026-34476

Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue...

7.1CVSS0.00346EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.7 views

Apache SkyWalking MCP 安全漏洞

Apache SkyWalking MCP is a distributed system-oriented observability data management and processing component developed by the Apache Foundation. Version 0.1.0 of Apache SkyWalking MCP contains a security vulnerability, which stems from server-side request forgery in the SW-URL header...

7.1CVSS5.8AI score0.00346EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.10 views

PT-2026-32336

Name of the Vulnerable Software and Affected Versions Apache SkyWalking MCP version 0.1.0 Description Server-Side Request Forgery occurs via the 'SW-URL' header. Recommendations Upgrade to version 0.2.0...

7.1CVSS5.8AI score0.00346EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.8 views

PT-2026-32512

Apache SkyWalking CVE-2025-54057: Stored XSS https://t.co/U4ZzTJS7iT CVE-2026-34476: SSRF via SW-URL Header in MCP Server https://t.co/zPXOQv1Xff CVE-2026-34884: SSRF via set skywalking url Tool and GraphQL Expression Injection in MCP Server https://t.co/5H4PWKYENG...

7.1CVSS5.8AI score0.00625EPSS
Exploits0References1
Veracode
Veracode
added 2025/12/08 11:7 a.m.8 views

Cross-site Scripting

Apache SkyWalking is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper neutralization of script-related HTML tags, allowing attackers to inject malicious JavaScript into web pages...

6.1CVSS6AI score0.00625EPSS
Exploits0References6Affected Software1
CNVD
CNVD
added 2025/12/03 12:0 a.m.6 views

Apache SkyWalking Cross-Site Scripting Vulnerability (CNVD-2025-30566)

Apache SkyWalking is an application performance monitor from the Apache Foundation that is primarily used in environments such as microservices, cloud-native and container-based. A cross-site scripting vulnerability exists in Apache SkyWalking version 10.2.0 and earlier, which stems from not...

6.1CVSS6.1AI score0.00625EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/02 10:31 p.m.5 views

CVE-2025-54057

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking: = 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue...

6.1CVSS6.6AI score0.00625EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/11/27 12:30 p.m.7 views

Apache SkyWalking has a stored XSS vulnerability

There is an Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking versions = 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue. Version 10.3.0 has not been uploaded to th...

6.1CVSS6.6AI score0.00625EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2025/11/27 12:30 p.m.6 views

EUVD-2025-199821

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking: = 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue...

6AI score0.00625EPSS
Exploits0References3
OSV
OSV
added 2025/11/27 12:30 p.m.25 views

GHSA-V6X2-4Q87-RF82 Apache SkyWalking has a stored XSS vulnerability

There is an Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking versions = 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue. Version 10.3.0 has not been uploaded to th...

6.1CVSS5.8AI score0.00625EPSS
Exploits0References5
NVD
NVD
added 2025/11/27 12:15 p.m.16 views

CVE-2025-54057

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking: = 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue...

6.1CVSS0.00625EPSS
Exploits0References3
CVE
CVE
added 2025/11/27 11:47 a.m.25 views

CVE-2025-54057

Apache SkyWalking contains a stored/basic XSS vulnerability (CVE-2025-54057) due to improper neutralization of script-related HTML tags. Affects SkyWalking

6.1CVSS6.2AI score0.00625EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/27 11:47 a.m.3 views

CVE-2025-54057 Apache SkyWalking: Stored XSS vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking: = 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue...

6.2AI score0.00625EPSS
Exploits0References1
OSV
OSV
added 2025/11/27 11:47 a.m.6 views

CVE-2025-54057 Apache SkyWalking: Stored XSS vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache SkyWalking. This issue affects Apache SkyWalking: = 10.2.0. Users are recommended to upgrade to version 10.3.0, which fixes the issue...

6.1CVSS5.9AI score0.00625EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/27 12:0 a.m.16 views

Apache SkyWalking 安全漏洞

Apache SkyWalking is an application performance monitor from the Apache Foundation that is primarily used in environments such as microservices, cloud-native and container-based. A cross-site scripting vulnerability exists in Apache SkyWalking version 10.2.0 and earlier, which stems from not...

6.1CVSS5.7AI score0.00625EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.10 views

PT-2025-48241

Name of the Vulnerable Software and Affected Versions Apache SkyWalking versions prior to 10.3.0 Description The software contains an Improper Neutralization of Script-Related HTML Tags in a Web Page issue, also known as a Basic Cross-Site Scripting XSS flaw. This allows attackers to inject...

6.1CVSS5.6AI score0.00625EPSS
Exploits0References16
Rows per page
Query Builder