CVE-2026-26118: CWE-918: Server-Side Request Forgery (SSRF) in Microsoft Azure MCP Server Tools 1.0.0 (npm)
Server-side request forgery (SSRF) in Azure MCP Server allows an authorized attacker to elevate privileges over a network.
AI Analysis
Technical Summary
This vulnerability, tracked as CVE-2026-26118 and classified under CWE-918, affects Microsoft Azure MCP Server Tools version 1.0.0 distributed via npm. It enables an attacker with authorized access to exploit SSRF to elevate privileges within the network environment. The CVSS 3.1 vector indicates a network attack vector, low attack complexity, privileges required, no user interaction, and high impact on confidentiality, integrity, and availability. The vulnerability is published and a patch is available, though no specific patch link is provided in the data.
Potential Impact
An authorized attacker exploiting this SSRF vulnerability can elevate privileges over the network, potentially gaining unauthorized access to sensitive resources or performing unauthorized actions. The high CVSS score (8.8) reflects severe impacts on confidentiality, integrity, and availability of the affected system.
Mitigation Recommendations
A patch is available for this vulnerability and should be applied promptly to remediate the issue. Since the vulnerability affects a non-cloud service (npm package), users should update Azure MCP Server Tools to a patched version once released by Microsoft. No known exploits are reported in the wild at this time.
Technical Details
- Data Version: 5.2
- Assigner Short Name: microsoft
- Date Reserved: 2026-02-11T15:52:13.911Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69b05631ea502d3aa87d6b2f
Added to database: 3/10/2026, 5:34:41 PM
Last enriched: 4/18/2026, 2:16:00 PM
Last updated: 4/28/2026, 7:22:27 AM