Feiskyer Mcp-Kubernetes-Server vulnerabilities
3 known vulnerabilities affecting feiskyer/mcp-kubernetes-server.
Total CVEs: 3
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 1
Vulnerabilities
CVE-2025-59377 | Priority P2 | HIGH | CVSS 7.5 | Affected versions: ≥ 0, ≤ 0.1.11 | Published 2025-09-15
CVE-2025-59377 [HIGH] CWE-78: mcp-kubernetes-server has an OS Command Injection vulnerability
`feiskyer/mcp-kubernetes-server` through **0.1.11** allows **OS command injection** via the `/mcp/kubectl` endpoint. The handler constructs a shell command with user-supplied arguments and executes it with `subprocess` using `shell=True`, enabling injection through shell metacharacters (e.g., `;`, `&&`, `$()`), even when the server is runni
Sources: GHSA, OSV
CVE-2025-53355 | Priority P3 | HIGH | CVSS 7.5 | Affected versions: ≤ 0.1.11 | Published 2025-07-08
CVE-2025-53355 [HIGH] CWE-77
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. A command injection vulnerability exists in the mcp-server-kubernetes MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.execSync, enabling an attacker to inject arbitrary system commands. Success
Sources: NVD
CVE-2025-59376 | Priority P4 | MEDIUM | CVSS 5.3 | Affected versions: ≤ 0.1.11 | Published 2025-09-15
CVE-2025-59376 [MEDIUM] CWE-77
feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word (i.e., "version") is not a write or delete operation.
Sources: GHSA, NVD, OSV