CVE-2026-26118

Server-side request forgery (ssrf) in Azure MCP Server allows an authorized attacker to elevate privileges over a network.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26118	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:azure_mcp_server::::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta1::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta10::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta11::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta12::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta13::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta14::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta15::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta16::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta2::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta3::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta4::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta5::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta6::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta7::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta8::::::
	cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta9::::::

History

No history.

Information

Published : 2026-03-10 18:18

Updated : 2026-03-13 20:12

NVD link : CVE-2026-26118

Mitre link : CVE-2026-26118

CVE.ORG link : CVE-2026-26118

JSON object : View

Products Affected

microsoft

azure_mcp_server

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2026-26118", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secure@microsoft.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-03-10T18:18:41.180", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26118", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "secure@microsoft.com", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "Server-side request forgery (ssrf) in Azure MCP Server allows an authorized attacker to elevate privileges over a network."}, {"lang": "es", "value": "Falsificaci\u00f3n de petici\u00f3n del lado del servidor (SSRF) en Azure MCP Server permite a un atacante autorizado elevar privilegios a trav\u00e9s de una red."}], "lastModified": "2026-03-13T20:12:47.740", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08F2F33D-68BC-40BD-9945-9DAC13516B3F", "versionEndExcluding": "2.0.0"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE4BB62F-D65C-4BD7-A977-560951121A31"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E25804B6-4EBC-484C-AA53-5F36A125F63C"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60995316-44CA-4789-B168-BD759D3FDC7E"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69049E0E-CFEE-4051-BE1A-E6A10A346986"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E72117C-2C98-424A-BF6E-78553201F3AF"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta14:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE81B2AA-87D7-41B3-934E-F06EB9973B7A"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A733A0B0-6D86-4CEF-A594-214195F8A40E"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta16:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A0E69CE-C717-407D-84BA-8CC241F179B7"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7D01823-C2A0-4FB2-B0A9-53CD02FFDFFA"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F27295F4-18D0-428E-A2F1-77B3209B6183"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B88758F0-AE0F-4644-A2D0-EAB69F04B2AA"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1C2790F-D5F5-495A-9A70-01D0A69FECDF"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F30CE925-8322-43B4-B634-B08F0D69DF19"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "640182FA-C461-46A2-BDEE-0785DCA7C26B"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7F3A643-AC07-4EC7-A4E2-DD5B0937D728"}, {"criteria": "cpe:2.3:a:microsoft:azure_mcp_server:2.0.0:beta9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B304FD54-1827-4401-8DA9-C1D982667DBB"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}