Severity: important Affected versions:
- Apache SkyWalking MCP 0.1.0 Description: SSRF via set_skywalking_url Tool and GraphQL expression injection vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue. Credit: Andrea Cosentino <[email protected]> (reporter) References: https://skywalking.apache.org/ https://www.cve.org/CVERecord?id=CVE-2026-34884
