{"schema_version": "1.6.1", "id": "CVE-2026-34476", "summary": "Server-Side Request Forgery via SW-URL Header in MCP Server", "details": "Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP.\n\nThis issue affects Apache SkyWalking MCP: 0.1.0.\n\nUsers are recommended to upgrade to version 0.2.0, which fixes this issue.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "0.1.0"}, {"last_affected": "0.1.0"}]}]}], "references": [{"type": "WEB", "url": "https://lists.apache.org/thread/v0k1xyzzbtnpyrwxwyn36pbspr8rhjnr"}]}