Skip to main content

Apache CVE-2026-34884

2026-04-24

Lifecycle Timeline

1
CVE Published
Apr 24, 2026 - 12:21 nvd
N/A

Description PRE-NVD

Disclosed via oss-security. NVD scoring and full description are pending.

Analysis

Pre-NVD disclosure via oss-security: oss-security mailing list - 2026/04/13. erates session ids insecurely (Robert Rothenberg <rrwo@...nsec.org>) CVE-2025-54057: Apache SkyWalking: Stored XSS vulnerability (Zhenxu Ke <kezhenxu94@...che.org>) CVE-2026-34476: Apache SkyWalking MCP: Server-Side Request Forgery via SW-URL Header in MCP Server (Qiuxia Fan <qiuxiafan@...che.org>) CVE-2026-34884: Apache SkyWalking MCP: SSRF via set_skywalking_url Tool and GraphQL Expression Injection in MCP Server (Qiuxia Fan <qiuxiafan@...che.org>) CVE-2025-66236: Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI (Rahul Vats <rahulvats@...che.org>) CVE-2026-33858: Ap

Share

CVE-2026-34884 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy