cvedb.io
CVE-2026-35577
MEDIUM · CVSS 6.8
EPSS exploitation probability: 0%
Published 2026-04-09T20:16:25.987 · Last modified 2026-06-17T10:40:48.420

Summary

Apollo MCP Server is a Model Context Protocol server that exposes GraphQL operations as MCP tools. Prior to version 1.7.0, the Apollo MCP Server did not validate the Host header on incoming HTTP requests when using the StreamableHTTP transport. In configurations where an HTTP-based MCP server is run on localhost without additional authentication or network-level controls, a malicious website visited by a user running the server locally could use DNS rebinding to bypass same-origin policy restrictions and issue requests to the local MCP server. If successfully exploited, this could allow an attacker to invoke tools or access resources exposed by the MCP server on behalf of the local user. This issue is limited to HTTP-based transport modes (StreamableHTTP).
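The mitigation the advisory implies is an allow-list check on the Host header: a loopback-bound server should only serve requests whose Host names the local machine, because a browser still sends the attacker's hostname as Host even after its DNS record has been rebound to 127.0.0.1. The Rust below is an added example, not code from the Apollo MCP Server project; the allowed host list and the listening port are assumptions.

```rust
// Added example, not Apollo MCP Server code: allow-list validation of the
// HTTP Host header for a server bound to loopback, which defeats DNS
// rebinding because the browser still sends the attacker's hostname as Host.
use std::net::IpAddr;

// Assumption: names under which the local server is legitimately reached.
const ALLOWED_HOSTS: &[&str] = &["localhost", "127.0.0.1", "::1"];

/// Split a Host header value into (lower-cased host, optional port).
/// Handles bracketed IPv6 literals such as "[::1]:5000"; rejects
/// unbracketed IPv6 (ambiguous) and malformed ports.
fn split_host_port(value: &str) -> Option<(String, Option<u16>)> {
    let value = value.trim();
    if value.is_empty() {
        return None;
    }
    if let Some(rest) = value.strip_prefix('[') {
        let end = rest.find(']')?;
        let host = &rest[..end];
        host.parse::<IpAddr>().ok()?; // must be a real IPv6 literal
        let port = match &rest[end + 1..] {
            "" => None,
            tail => Some(tail.strip_prefix(':')?.parse::<u16>().ok()?),
        };
        return Some((host.to_ascii_lowercase(), port));
    }
    match value.rsplit_once(':') {
        Some((host, port)) if !host.contains(':') => {
            Some((host.to_ascii_lowercase(), Some(port.parse::<u16>().ok()?)))
        }
        Some(_) => None,
        None => Some((value.to_ascii_lowercase(), None)),
    }
}

/// True only if the Host header names this machine and, when a port is
/// given, matches the port the server listens on (`listen_port`, assumed).
pub fn host_header_is_local(value: &str, listen_port: u16) -> bool {
    let (host, port) = match split_host_port(value) {
        Some(parts) => parts,
        None => return false,
    };
    let host_ok = ALLOWED_HOSTS.contains(&host.as_str())
        || host.parse::<IpAddr>().map_or(false, |ip| ip.is_loopback());
    host_ok && port.map_or(true, |p| p == listen_port)
}

fn main() {
    // Constructed sample headers: legitimate local clients and a rebound name.
    for h in ["localhost:5000", "[::1]:5000", "attacker.example:5000"] {
        let verdict = if host_header_is_local(h, 5000) { "accept" } else { "reject" };
        println!("{:<24} -> {}", h, verdict);
    }
}
```

A rejected request should be answered before any MCP tool dispatch runs, and the rejection logged with the offending Host value so rebinding attempts are visible to the operator.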

Affected products

apollographql — apollo_mcp_server


This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.