16 matches found
CVE-2025-65719
An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page...
GHSA-94GR-W3Q5-RFQR Open Source Kubectl MCP Server vulnerable to arbitrary code execution via user interaction with crafted HTML page
An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page...
CVE-2025-65719
An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page...
CVE-2025-65719
An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page...
CVE-2025-65719
An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page...
CVE-2025-65719
Affected software: Open Source Kubectl MCP Server v1.1.1. Issue: A vulnerability allows attackers to execute arbitrary code on a victim system via a crafted HTML page. What is known: Documented across multiple sources (NVD, EUVD, CVE listing) with the same description. No explicit root cause, aff...
kubectl-mcp-server 安全漏洞
kubectl-mcp-server is a tool developed by Rohit Ghumare, a personal developer, for managing Kubernetes clusters using natural language. Version 1.1.1 of kubectl-mcp-server contains a security vulnerability. This vulnerability allows attackers to execute arbitrary code on the victim’s system throu...
CVE-2025-69902
A command injection vulnerability in the minimalwrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters...
Arbitrary Command Injection
Overview kubectl-mcp-tool is an Alias package for kubectl-mcp-server use kubectl-mcp-server instead Affected versions of this package are vulnerable to Arbitrary Command Injection via the runkubectlcommand function in the minimalwrapper.py component. An attacker can execute arbitrary system...
EUVD-2025-208773
A command injection vulnerability in the minimalwrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters...
CVE-2025-69902
A command injection vulnerability in the minimalwrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters...
CVE-2025-69902
CVE-2025-69902 affects kubectl-mcp-server (minimal_wrapper.py) v1.2.0 where an attacker can inject shell metacharacters to achieve command injection. The Red Hat/NVD/CVE entries confirm a vulnerability in minimal_wrapper.py with potential arbitrary command execution, rated critical (CVSSv3.1: AV:...
CVE-2025-69902
A command injection vulnerability in the minimalwrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters...
PT-2026-25814
🔴 CVE-2025-69902 - Critical A command injection vulnerability in the minimal wrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharact... https://t.co/PU0OcLfG2G https://t.co/y3eBStKQr5...
CVE-2025-69902
A command injection vulnerability in the minimalwrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters...
CVE-2025-69902
A command injection vulnerability in the minimalwrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters...