Platform: java
Component: skywalking
Fixed in: 10.3.1, 10.4.0
CVE-2026-30778 describes a configuration leak vulnerability affecting Apache SkyWalking versions 9.7.0 through 10.3.0. This vulnerability allows attackers to potentially extract sensitive configuration details from MySQL or PostgreSQL databases integrated with SkyWalking. Affected users should upgrade to version 10.4.0 to address this security concern.
The vulnerability resides in the /debugging/config/dump endpoint within Apache SkyWalking's OAP (Observability Analysis Platform). An attacker who can access this endpoint can retrieve configuration information related to connected databases, specifically MySQL and PostgreSQL. This leaked data could include database credentials, connection strings, and other sensitive settings. Successful exploitation could enable unauthorized access to the underlying databases, leading to data breaches, data manipulation, or further compromise of the SkyWalking environment. The impact is particularly severe if the SkyWalking instance is deployed in a production environment with sensitive data.
This vulnerability was publicly disclosed on 2026-04-15. There are currently no known public exploits or active campaigns targeting it, and it is not listed in the CISA KEV catalog at the time of this writing. The ease of exploitation is relatively low, because an attacker needs access to the SkyWalking OAP server and knowledge of the /debugging/config/dump endpoint.
Exploit Status
EPSS: 0.04% (11th percentile)
The primary mitigation for CVE-2026-30778 is to upgrade Apache SkyWalking to version 10.4.0 or later, which includes a fix for this vulnerability. If upgrading immediately is not feasible, consider temporarily disabling the /debugging/config/dump endpoint by configuring SkyWalking to not expose debugging endpoints. Additionally, restrict access to the SkyWalking OAP server using firewalls or network segmentation to limit potential attackers. Regularly review SkyWalking's configuration files and access logs for any suspicious activity.
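The access-log review suggested above can be scripted. The following is an added example, not part of the advisory or of Apache SkyWalking: it flags requests to /debugging/config/dump from outside an allowlisted management network and checks a version string against the affected range. It assumes a reverse proxy in front of OAP that writes Common/Combined Log Format; the allowlisted network and the sample log lines are constructed.

```python
import ipaddress
import re
from urllib.parse import unquote

ENDPOINT = "/debugging/config/dump"                  # path named in the advisory
AFFECTED_MIN, AFFECTED_MAX = (9, 7, 0), (10, 3, 0)   # affected range from the advisory
# Assumption: the only network allowed to call OAP debugging endpoints.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Assumption: a reverse proxy in front of OAP logs in Common/Combined Log Format.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

def is_affected(version):
    """True if the version falls in the advisory's range 9.7.0 through 10.3.0."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    return AFFECTED_MIN <= tuple(int(p) for p in m.groups()) <= AFFECTED_MAX

def find_dump_requests(lines):
    """Return one record per request to the config dump endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we can parse
        # Compare on the normalised path: no query string, decoded, single slashes.
        path = re.sub(r"/{2,}", "/", unquote(m["target"].split("?", 1)[0])).rstrip("/")
        if path != ENDPOINT:
            continue
        try:
            allowed = any(ipaddress.ip_address(m["ip"]) in n for n in ALLOWED_NETS)
        except ValueError:
            allowed = False  # hostname or garbage in the client field
        hits.append({"ip": m["ip"], "ts": m["ts"], "allowed": allowed,
                     "served": m["status"] == "200"})  # 200: the endpoint answered
    return hits

# Constructed sample log lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '10.20.0.5 - - [16/Apr/2026:09:12:01 +0000] "GET /debugging/config/dump HTTP/1.1" 200 8421',
    '203.0.113.44 - - [16/Apr/2026:09:14:37 +0000] "GET /debugging/config/dump HTTP/1.1" 200 8421',
    '203.0.113.44 - - [16/Apr/2026:09:14:39 +0000] "GET /index.html HTTP/1.1" 200 512',
    '198.51.100.7 - - [16/Apr/2026:10:02:11 +0000] "GET /debugging/config/dump?x=1 HTTP/1.1" 404 153',
]

if __name__ == "__main__":
    for hit in find_dump_requests(SAMPLE_LOG):
        if not hit["allowed"]:
            print("REVIEW" if hit["served"] else "probe", hit["ip"], hit["ts"])
```

A record with `served` true and `allowed` false on an affected version means the database configuration may have been read by that client, so the MySQL/PostgreSQL credentials it contained should be rotated.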
Upgrade to version 10.4.0 of Apache SkyWalking to prevent potential leakage of sensitive MySQL/PostgreSQL configuration information through the /debugging/config/dump endpoint. This vulnerability allows attackers to access confidential data stored in the database configuration. Upgrading is the recommended solution to mitigate the risk.
CVE-2026-30778 is a vulnerability in Apache SkyWalking versions 9.7.0–10.3.0 where the /debugging/config/dump endpoint can leak sensitive MySQL/PostgreSQL configuration data.
If you are running Apache SkyWalking versions 9.7.0 through 10.3.0 and have not upgraded, you are potentially affected by this vulnerability.
Upgrade Apache SkyWalking to version 10.4.0 or later to resolve this configuration leak vulnerability. Temporarily disabling the /debugging/config/dump endpoint is a workaround.
As of the last update, there are no known active exploits or campaigns targeting CVE-2026-30778.
Refer to the official Apache SkyWalking security advisories and release notes for detailed information and updates regarding CVE-2026-30778.