Feisky

feisky

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Mcp Kubernetes Server

mcp-kubernetes-server

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-59377 1Feisky 1Mcp Kubernetes Server Sep 20, 2025 Sep 15, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 feiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl because shell=True is used. NOTE: this is unrelated to mcp-server-kubernetes and CVE-2025-53355.
CVE-2025-59376 1Feisky 1Mcp Kubernetes Server Sep 20, 2025 Sep 15, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the...Show more feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word (i.e., "version") is not a write or delete operation.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2025-59377

1Feisky

1Mcp Kubernetes Server

Sep 20, 2025

Sep 15, 2025

N/A· v4

9.8 CRITICAL· v3

N/A· v2

feiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl because shell=True is used. NOTE: this is unrelated to mcp-server-kubernetes and CVE-2025-53355.

CVE-2025-59376