Vibe Coding
Azure MCP Server SSRF Vulnerability CVE-2026-26118: Token Theft via Managed Identity
Microsoft patched CVE-2026-26118 (CVSS 8.8) in March Patch Tuesday — a server-side request forgery in Azure MCP Server Tools that lets an attacker submit a malicious URL in place of an Azure resource identifier. The MCP server then sends an outbound request to the attacker's URL, potentially including the server's managed identity token, enabling privilege escalation over the network. This follows a broader pattern: 30+ MCP CVEs were filed in the first two months of 2026 alone, including a CVSS 9.6 RCE.
Source
↳ Follow the thread