
8 matches found

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-29194

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.4 | EPSS 0.00281
Exploits 0 | References 3

RedhatCVE
added 2025/09/17 12:49 a.m. | 10 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

CVSS 5.3 | AI score 7.2 | EPSS 0.00281
Exploits 0 | References 1

OSV
added 2025/09/15 3:31 p.m. | 3 views

GHSA-HJM5-XGJ8-VWJ6 mcp-kubernetes-server has a Command Injection vulnerability

mcp-kubernetes-server does not correctly enforce the --disable-write / --disable-delete protections when commands are chained. The server only inspects the first token to decide whether an operation is write/delete, which allows a read-like command to be followed by a write action using shell...

CVSS 5.3 | AI score 7.2 | EPSS 0.00281
Exploits 0 | References 4

NVD
added 2025/09/15 2:15 p.m. | 1 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

CVSS 5.3 | EPSS 0.00281
Exploits 0 | References 2

Cvelist
added 2025/09/15 12:0 a.m. | 8 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

CVSS 3.7 | EPSS 0.00281
Exploits 0 | References 2

Vulnrichment
added 2025/09/15 12:0 a.m. | 2 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

CVSS 3.7 | AI score 6.9 | EPSS 0.00281
Exploits 0 | References 2

CNNVD
added 2025/09/15 12:0 a.m. | 2 views

mcp-kubernetes-server security vulnerability

mcp-kubernetes-server is a Model Context Protocol server by individual developer Pengfei Ni. A security vulnerability exists in mcp-kubernetes-server version 0.1.11 and earlier; it stems from a failure to account for chained commands, which could lead to bypassing write and delete operation restrictions...

CVSS 5.3 | AI score 6.6 | EPSS 0.00281
Exploits 0 | References 3

CVE
added 2025/09/15 12:0 a.m. | 17 views

CVE-2025-59376

The CVE-2025-59376 entry concerns feiskyer’s mcp-kubernetes-server (through v0.1.11). The issue is improper handling of chained commands in the --disable-write/--disable-delete logic: commands like kubectl version; kubectl delete pod may bypass restrictions because only the first token is checked...

CVSS 5.3 | AI score 6.9 | EPSS 0.00281
Exploits 0 | References 2 | Affected Software 1