Lucene search
+L

279 matches found

Vulnrichment
Vulnrichment
added 2026/03/16 12:0 a.m.3 views

CVE-2025-69902

A command injection vulnerability in the minimalwrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters...

6.1AI score0.02057EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.8 views

PT-2026-25814

🔴 CVE-2025-69902 - Critical A command injection vulnerability in the minimal wrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharact... https://t.co/PU0OcLfG2G https://t.co/y3eBStKQr5...

9.8CVSS6.1AI score0.02057EPSS
Exploits0References8
CVE
CVE
added 2026/03/16 12:0 a.m.20 views

CVE-2025-69902

CVE-2025-69902 affects kubectl-mcp-server (minimal_wrapper.py) v1.2.0 where an attacker can inject shell metacharacters to achieve command injection. The Red Hat/NVD/CVE entries confirm a vulnerability in minimal_wrapper.py with potential arbitrary command execution, rated critical (CVSSv3.1: AV:...

9.8CVSS6.1AI score0.02057EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/03 2:50 p.m.16 views

Rancher has downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)

Impact An issue was discovered in Rancher versions up to and including 2.5.15 and 2.6.6 where a flaw with authorization logic allows privilege escalation through cluster role template binding CRTB and project role template binding PRTB. This issue does not affect the local cluster, it affects onl...

9.1CVSS7AI score0.00844EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/03 2:50 p.m.6 views

GHSA-6X34-89P7-95WG Rancher has downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)

Impact An issue was discovered in Rancher versions up to and including 2.5.15 and 2.6.6 where a flaw with authorization logic allows privilege escalation through cluster role template binding CRTB and project role template binding PRTB. This issue does not affect the local cluster, it affects onl...

9.1CVSS5.8AI score0.00844EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/03/03 2:48 p.m.13 views

Rancher's Azure AD permission changes are not reflected on active sessions

A bug has been identified in which permission changes in Azure AD are not reflected to users while they are logged in the Rancher UI. This would cause the users to retain their previous permissions in Rancher, even if they change groups on Azure AD, for example, to a lower privileged group, or ar...

8.8CVSS7.1AI score0.00454EPSS
Exploits0References4Affected Software1
GithubExploit
GithubExploit
added 2026/02/22 2:35 p.m.182 views

operator-poc

operator-poc // TODOuser: Add simple overview of use/purpose...

5.7AI score
Exploits0
Veracode
Veracode
added 2025/12/13 7:20 a.m.7 views

Command Injection

mcp-kubernetes-server is vulnerable to Command Injection. The vulnerability is due to the use of shell=True in the /mcp/kubectl endpoint, which allows an attacker to inject and execute arbitrary operating system commands...

9.8CVSS6AI score0.01224EPSS
Exploits0References5Affected Software1
Fedora
Fedora
added 2025/11/25 1:42 a.m.8 views

[SECURITY] Fedora 42 Update: kubernetes1.33-1.33.6-1.fc42

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

7.5CVSS7.5AI score0.00626EPSS
Exploits1
Fedora
Fedora
added 2025/11/25 1:42 a.m.11 views

[SECURITY] Fedora 42 Update: kubernetes1.34-1.34.2-1.fc42

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

7.5CVSS7.5AI score0.00626EPSS
Exploits1
Fedora
Fedora
added 2025/11/25 1:22 a.m.11 views

[SECURITY] Fedora 41 Update: kubernetes1.34-1.34.2-1.fc41

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

7.5CVSS7.5AI score0.00626EPSS
Exploits1
Fedora
Fedora
added 2025/11/24 1:27 a.m.10 views

[SECURITY] Fedora 43 Update: kubernetes1.33-1.33.6-1.fc43

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

7.5CVSS7.5AI score0.00626EPSS
Exploits1
Fedora
Fedora
added 2025/11/23 1:23 a.m.9 views

[SECURITY] Fedora 41 Update: kubernetes1.32-1.32.10-2.fc41

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

7.5CVSS7.5AI score0.00626EPSS
Exploits1
Fedora
Fedora
added 2025/11/22 1:19 a.m.9 views

[SECURITY] Fedora 42 Update: kubernetes1.31-1.31.14-1.fc42

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

7.5CVSS7.5AI score0.00626EPSS
Exploits1
Fedora
Fedora
added 2025/11/22 1:17 a.m.8 views

[SECURITY] Fedora 41 Update: kubernetes1.31-1.31.14-1.fc41

Production-Grade Container Scheduling and Management. Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machin...

7.5CVSS7.5AI score0.00626EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-2942

Malware in sbrugna...

6.5CVSS6.7AI score0.03616EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.17 views

EUVD-2025-29193

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.01224EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-1065

Malicious code in bioql PyPI...

7CVSS6.8AI score0.00362EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0579

Malicious code in bioql PyPI...

3CVSS5.9AI score0.00778EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-2004

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.0159EPSS
Exploits0References6
Rows per page
Query Builder