High severity · NVD Advisory · Published Mar 10, 2026 · Updated Apr 14, 2026
Azure MCP Server Tools Elevation of Privilege Vulnerability
CVE-2026-26118
Description
Server-side request forgery (SSRF) in Azure MCP Server allows an authorized attacker to elevate privileges over a network.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| Azure.Mcp (NuGet) | >= 2.0.0-beta.1, < 2.0.0-beta.17 | 2.0.0-beta.17 |
| Azure.Mcp (NuGet) | >= 1.0.0, < 1.0.2 | 1.0.2 |
| @azure/mcp (npm) | >= 2.0.0-beta.1, < 2.0.0-beta.17 | 2.0.0-beta.17 |
| msmcp-azure (PyPI) | >= 2.0.0b14, < 2.0.0b17 | 2.0.0b17 |
| @azure/mcp (npm) | >= 1.0.0, < 1.0.2 | 1.0.2 |
Affected products
- ghsa-coords (3 versions): >= 2.0.0-beta.1, < 2.0.0-beta.17 (+ 2 more)
- (no CPE) range: >= 2.0.0-beta.1, < 2.0.0-beta.17
- (no CPE) range: >= 2.0.0-beta.1, < 2.0.0-beta.17
- (no CPE) range: >= 2.0.0b14, < 2.0.0b17
- Microsoft/Azure MCP Server Tools 1.0.0 (npm) · v5 · Range: 1.0.0
- Microsoft/Azure MCP Server Tools 1.0.0 (NuGet) · v5 · Range: 1.0.0
- Microsoft/Azure MCP Server Tools 2.0.0 (npm) · v5 · Range: 2.0.0-beta.1
- Microsoft/Azure MCP Server Tools 2.0.0 (NuGet) · v5 · Range: 2.0.0-beta.1
- Microsoft/Azure MCP Server Tools 2.0.0 (PyPi) · v5 · Range: 2.0.0-beta.1
References
- github.com/advisories/GHSA-hhfx-wfvq-7g9c (ghsa, ADVISORY)
- msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26118 (ghsa, vendor-advisory, patch, WEB)
- nvd.nist.gov/vuln/detail/CVE-2026-26118 (ghsa, ADVISORY)
- github.com/microsoft/mcp/commit/804ff60293206c4d8e832f772097238561bf2c34 (ghsa, WEB)
- github.com/microsoft/mcp/releases/tag/Azure.Mcp.Server-1.0.2 (ghsa, WEB)
- github.com/microsoft/mcp/releases/tag/Azure.Mcp.Server-2.0.0-beta.17 (ghsa, WEB)