CVE-2026-34361
Published 2026-03-31
Priority: P2 (60) · CVSS 3.1 base score: 9.3 (Critical)
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
EPSS: 0.30% (21.5th percentile)
HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith() URL prefix matching flaw in the credential provider (ManagedWebAccessUtils.getServer()), an attacker can steal authentication tokens (Bearer, Basic, API keys) configured for legitimate FHIR servers by registering a domain that prefix-matches a configured server URL. This issue has been patched in version 6.9.4.
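The credential-leak half of this chain is a URL-matching mistake, not an HTTP one: a credential provider that picks the stored token for a request by comparing URL strings with `startsWith()` will hand the token to any host whose name merely begins with the configured server's name. The following Java is an added illustration, not HAPI FHIR's own code and not its `ManagedWebAccessUtils.getServer()` implementation; the configured server URL, the placeholder token and the probe URLs are constructed for the example. It places the prefix comparison beside a match on scheme, host and effective port, the check a fix for this class of bug needs.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Optional;

// Added example (not HAPI FHIR code): selecting stored credentials for an
// outbound request by string prefix versus by exact origin comparison.
public class ServerCredentialMatch {

    // Constructed configuration: server base URL -> credential (placeholder value).
    static final Map<String, String> CONFIGURED = new LinkedHashMap<>();
    static {
        CONFIGURED.put("https://fhir.example.org", "Bearer PLACEHOLDER_TOKEN");
    }

    // Vulnerable pattern: raw string prefix comparison. Any URL whose text begins
    // with the configured server string receives the credential, including a
    // different host such as fhir.example.org.attacker.test or a different port.
    static Optional<String> tokenByPrefix(String requestUrl) {
        for (Map.Entry<String, String> e : CONFIGURED.entrySet()) {
            if (requestUrl.startsWith(e.getKey())) {
                return Optional.of(e.getValue());
            }
        }
        return Optional.empty();
    }

    // Hardened pattern: parse both URLs and require identical scheme, host and
    // effective port, plus a whole-segment path prefix when the configured
    // server carries a base path.
    static Optional<String> tokenByOrigin(String requestUrl) {
        URI req;
        try {
            req = new URI(requestUrl);
        } catch (URISyntaxException ex) {
            return Optional.empty(); // unparseable request URL: never attach a credential
        }
        for (Map.Entry<String, String> e : CONFIGURED.entrySet()) {
            URI cfg = URI.create(e.getKey());
            if (sameOrigin(cfg, req) && pathUnder(cfg.getPath(), req.getPath())) {
                return Optional.of(e.getValue());
            }
        }
        return Optional.empty();
    }

    static boolean sameOrigin(URI a, URI b) {
        return a.getScheme() != null && b.getScheme() != null
            && a.getScheme().equalsIgnoreCase(b.getScheme())
            && a.getHost() != null && b.getHost() != null
            && a.getHost().equalsIgnoreCase(b.getHost())
            && effectivePort(a) == effectivePort(b);
    }

    // Treat an absent port as the scheme default so "https://h" and "https://h:443" agree.
    static int effectivePort(URI u) {
        if (u.getPort() != -1) return u.getPort();
        return "https".equalsIgnoreCase(u.getScheme()) ? 443 : 80;
    }

    // Whole-segment prefix: base "/r4" covers "/r4/Patient" but not "/r4x/Patient".
    static boolean pathUnder(String base, String path) {
        String b = base.endsWith("/") ? base : base + "/";
        return (path + "/").startsWith(b);
    }

    public static void main(String[] args) {
        String[] probes = {
            "https://fhir.example.org/Patient/1",              // the configured server itself
            "https://fhir.example.org.attacker.test/Patient",  // constructed host that prefix-matches
            "https://fhir.example.org:8443/Patient/1",         // same host, different port
        };
        for (String p : probes) {
            System.out.printf("%-48s prefix-match=%-5s origin-match=%s%n", p,
                tokenByPrefix(p).isPresent(), tokenByOrigin(p).isPresent());
        }
    }
}
```

Run as `java ServerCredentialMatch.java` (Java 11 or later). The prefix matcher returns the credential for all three probes; the origin matcher returns it only for the first. Comparing parsed components rather than strings is the check that closes the prefix collision the advisory describes, and refusing to attach credentials to an unparseable URL fails safe.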
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hapifhir | hl7_fhir_core | < 6.9.4 | 6.9.4 |
| hapifhir | org.hl7.fhir.core | < 6.9.4 | 6.9.4 |
Detection & IOCs
- Monitor for unauthenticated HTTP requests to the '/loadIG' endpoint on HAPI FHIR Validator HTTP service instances, which may indicate exploitation attempts triggering outbound SSRF to attacker-controlled URLs.
- Inspect outbound HTTP requests originating from HAPI FHIR Validator processes for requests to unexpected or external domains, particularly those that prefix-match configured legitimate FHIR server URLs: this is the SSRF exfiltration path for auth tokens.
- Audit the credential provider logic in ManagedWebAccessUtils.getServer() for startsWith() URL prefix matching, which is the root cause allowing token leakage to attacker-controlled domains.
- Authentication tokens of all types (Bearer, Basic, API keys) configured for legitimate FHIR servers are at risk of exfiltration if the validator service is reachable and credentials are configured, due to the URL prefix-matching flaw.
GHSA advisory (ghsa · 2026-03-30): CVE-2026-34361 [CRITICAL] CWE-522
FHIR Validator HTTP service has SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft
## Summary
The FHIR Validator HTTP service exposes an unauthenticated `/loadIG` endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a `startsWith()` URL prefix matching flaw in the credential provider (`ManagedWebAccessUtils.getServer()`), an attacker can steal authentication tokens (Bearer, Basic, API keys) configured for legitimate FHIR servers by registering a domain that prefix-matches a configured server URL.
## Details
**Step 1 — SSRF Entry Point** (`LoadIGHTTPHandler.java:35-43`):
The `/loadIG` endpoint accepts unauthenticated POST requests with a JSON body containing an `ig` field. The value is passed directly to `IgLoader.l
OSV advisory (osv · 2026-03-30): CVE-2026-34361 [CRITICAL], carrying the same advisory text as the GHSA entry above.
No detection rules found.
No public exploits indexed.