16 matches found

Veracode
added 2025/10/29 7:34 a.m. · 5 views

Improper Command Restriction

mcp-kubernetes-server is vulnerable to improper command restriction. The vulnerability is due to incomplete validation of chained commands in the implementation of --disable-write and --disable-delete, which allows an attacker to bypass restrictions and execute unauthorized write or delete...

CVSS 5.3 · AI score 7.5 · EPSS 0.00281
Exploits: 0 · References: 4 · Affected Software: 1
EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2025-29194

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 6.4 · EPSS 0.00281
Exploits: 0 · References: 3
RedhatCVE
added 2025/09/17 12:49 a.m. · 9 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

CVSS 5.3 · AI score 7.2 · EPSS 0.00281
Exploits: 0 · References: 1
Github Security Blog
added 2025/09/15 3:31 p.m. · 6 views

mcp-kubernetes-server has a Command Injection vulnerability

mcp-kubernetes-server does not correctly enforce the --disable-write / --disable-delete protections when commands are chained. The server only inspects the first token to decide whether an operation is write/delete, which allows a read-like command to be followed by a write action using shell...

CVSS 5.3 · AI score 7.2 · EPSS 0.00281
Exploits: 0 · References: 4 · Affected Software: 1
OSV
added 2025/09/15 3:31 p.m. · 3 views

GHSA-HJM5-XGJ8-VWJ6 mcp-kubernetes-server has a Command Injection vulnerability

mcp-kubernetes-server does not correctly enforce the --disable-write / --disable-delete protections when commands are chained. The server only inspects the first token to decide whether an operation is write/delete, which allows a read-like command to be followed by a write action using shell...

CVSS 5.3 · AI score 7.2 · EPSS 0.00281
Exploits: 0 · References: 4
NVD
added 2025/09/15 2:15 p.m. · 1 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

CVSS 5.3 · EPSS 0.00281
Exploits: 0 · References: 2
OSV
added 2025/09/15 2:15 p.m. · 4 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

CVSS 5.3 · AI score 7.3
Exploits: 0 · References: 2
Cvelist
added 2025/09/15 12:00 a.m. · 8 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

CVSS 3.7 · EPSS 0.00281
Exploits: 0 · References: 2
Positive Technologies
added 2025/09/15 12:00 a.m. · 5 views

PT-2025-37488

Name of the Vulnerable Software and Affected Versions: feiskyer mcp-kubernetes-server versions through 0.1.11 Description: The software does not properly handle chained commands when using the --disable-write and --disable-delete options. Specifically, it allows commands containing chained...

CVSS 3.7 · AI score 6.8 · EPSS 0.00281
Exploits: 0 · References: 7
Vulnrichment
added 2025/09/15 12:00 a.m. · 2 views

CVE-2025-59376

feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word i.e., "version" is not a write or delete operation...

CVSS 3.7 · AI score 6.9 · EPSS 0.00281
Exploits: 0 · References: 2
CVE
added 2025/09/15 12:00 a.m. · 16 views

CVE-2025-59376

The CVE-2025-59376 entry concerns feiskyer’s mcp-kubernetes-server (through v0.1.11). The issue is improper handling of chained commands in the --disable-write/--disable-delete logic: commands like kubectl version; kubectl delete pod may bypass restrictions because only the first token is checked...

CVSS 5.3 · AI score 6.9 · EPSS 0.00281
Exploits: 0 · References: 2 · Affected Software: 1
Positive Technologies
added 2025/07/07 12:00 a.m. · 8 views

PT-2025-28241 · Robocode +1

Name of the Vulnerable Software and Affected Versions: Roo Code versions prior to 3.22.6 Description: Roo Code is an AI-powered autonomous coding agent. If the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and...

CVSS 8.1 · AI score 7 · EPSS 0.00656
Exploits: 0 · References: 6
Positive Technologies
added 2024/05/08 12:00 a.m. · 2 views

PT-2024-25764 · Libmodbus

Name of the Vulnerable Software and Affected Versions: libmodbus version 3.1.10 Description: The issue is a Buffer Overflow that can be triggered via the modbus write bits function when it is fed with specially crafted input. This leads to out-of-bounds read and can potentially cause a crash or...

CVSS 7.5 · AI score 6.9 · EPSS 0.00524
Exploits: 1 · References: 10
Cvelist
added 2022/12/09 8:11 p.m. · 42 views

CVE-2022-46166 Spring Boot Admins integrated notifier support allows arbitrary code execution

Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers e.g. Teams-Notifier and write access to environment variables via UI are affected. Users are advised to upgrade to th...

CVSS 8 · AI score 9.8 · EPSS 0.01437
Exploits: 0 · References: 2
Positive Technologies
added 2020/03/16 12:00 a.m. · 6 views

PT-2020-6582

Name of the Vulnerable Software and Affected Versions: Ansible Engine versions 2.7.x through 2.9.x Description: A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and...

CVSS 5.7 · AI score 7.2 · EPSS 0.00374
Exploits: 0 · References: 200
CNVD
added 2016/07/05 12:00 a.m. · 1 views

Lenovo ThinkPad BIOS System Management Mode Arbitrary Code Execution Vulnerability

BIOS (Basic Input/Output System) is the most basic software code loaded on the computer hardware system. The Lenovo ThinkPad BIOS has a security vulnerability that can be exploited by an attacker with local administrative access to execute arbitrary code, disable flas...

AI score 7.4
Exploits: 0 · References: 1