36 matches found
GHSA-CR22-WJX7-2W6M MCP Server Kubernetes: Tool Access Control Bypass via Presentation-Layer Filtering Without Execution-Layer Enforcement
Summary mcp-server-kubernetes exposes three environment variables, ALLOW_ONLY_READONLY_TOOLS, ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS and ALLOWED_TOOLS, documented as access controls for restricting which Kubernetes operations are available. These controls are enforced at the tool discovery layer (tools/list) but not ...
PT-2026-42619
Summary mcp-server-kubernetes exposes three environment variables, ALLOW_ONLY_READONLY_TOOLS, ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS and ALLOWED_TOOLS, documented as access controls for restricting which Kubernetes operations are available. These controls are enforced at the tool discovery layer (tools/list)...
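The defect behind GHSA-CR22-WJX7-2W6M / PT-2026-42619 is a policy applied when tools are advertised but not when they are invoked. The following is an added example, not code from mcp-server-kubernetes: a minimal model of an MCP-style server in which the same allowlist predicate is either applied only to discovery (the weak form) or also to execution (the hardened form). The tool catalogue, the tool names and the `policyFromEnv` helper that stands in for the ALLOW_ONLY_READONLY_TOOLS / ALLOWED_TOOLS settings are illustrative assumptions.

```javascript
// Added example (not mcp-server-kubernetes code): an MCP-style tool server whose
// read-only policy is enforced in two different places. Catalogue, tool names and
// the environment-variable parsing are illustrative assumptions.

// Constructed catalogue: each tool records whether it mutates the cluster.
const TOOL_CATALOGUE = {
  kubectl_get: { readOnly: true, run: (args) => `would run: kubectl get ${args.resource}` },
  kubectl_delete: { readOnly: false, run: (args) => `would run: kubectl delete ${args.resource}` },
};

// Build a policy object from environment-style settings (assumed variable names).
function policyFromEnv(env) {
  return {
    readOnly: env.ALLOW_ONLY_READONLY_TOOLS === 'true',
    allowed: env.ALLOWED_TOOLS ? env.ALLOWED_TOOLS.split(',').map((s) => s.trim()) : null,
  };
}

// Single authorization predicate, intended to be shared by discovery and execution.
function isAllowed(name, policy) {
  const tool = TOOL_CATALOGUE[name];
  if (!tool) return false;
  if (policy.readOnly && !tool.readOnly) return false;
  if (policy.allowed && !policy.allowed.includes(name)) return false;
  return true;
}

// Weak pattern: the policy filters tools/list only; tools/call trusts that the
// client will call nothing it was not shown.
function makeWeakServer(policy) {
  return {
    listTools: () => Object.keys(TOOL_CATALOGUE).filter((n) => isAllowed(n, policy)),
    callTool: (name, args) => {
      const tool = TOOL_CATALOGUE[name];
      if (!tool) throw new Error(`unknown tool: ${name}`);
      return tool.run(args); // no policy check at the execution layer
    },
  };
}

// Hardened pattern: the same predicate gates execution, so a tool name sent
// straight to tools/call without ever appearing in tools/list is refused.
function makeHardenedServer(policy) {
  const weak = makeWeakServer(policy);
  return {
    listTools: weak.listTools,
    callTool: (name, args) => {
      if (!isAllowed(name, policy)) throw new Error(`tool not permitted by policy: ${name}`);
      return weak.callTool(name, args);
    },
  };
}

// Probe: invoke a tool by name regardless of whether discovery advertised it.
function probe(server, name, args) {
  const advertised = server.listTools().includes(name);
  try {
    return { advertised, executed: true, result: server.callTool(name, args) };
  } catch (err) {
    return { advertised, executed: false, error: err.message };
  }
}

const policy = policyFromEnv({ ALLOW_ONLY_READONLY_TOOLS: 'true' });
const weakOutcome = probe(makeWeakServer(policy), 'kubectl_delete', { resource: 'pod/web-0' });
const hardenedOutcome = probe(makeHardenedServer(policy), 'kubectl_delete', { resource: 'pod/web-0' });
console.log(weakOutcome);     // advertised: false, executed: true  (bypass)
console.log(hardenedOutcome); // advertised: false, executed: false (refused)
```

The check a reviewer wants here is the one `probe` performs: take a tool name that tools/list does not return and send it to tools/call directly. If the call succeeds, the control is presentation-only.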
CVE-2026-35469 vulnerabilities
Vulnerabilities for packages: tigera-operator-fips, kubescape-server-fips, trivy-operator, cert-manager-istio-csr-fips, k8s-driver-manager, dynamic-localpv-provisioner-fips, eks-distro, redis-operator, percona-server-mongodb-operator, docker-cli-buildx-fips, redis-operator-fips, kiali, hubble,...
GHSA-GJVH-7JH8-7XHM vulnerabilities
Vulnerabilities for packages: supercronic, crossplane-provider-sql, kaf, wal-g, k8sgpt-operator, memcached-exporter, ctop, speedtest-go, fscrypt, nri-haproxy, cluster-api, terraform-provider-aws, s5cmd, kubernetes-replicator, azure-workload-identity-webhook, gcsfuse, step, trillian, vt-cli,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: kubecolor, supercronic, crossplane-provider-sql, kaf, wal-g, k8sgpt-operator, memcached-exporter, ctop, speedtest-go, fscrypt, nri-haproxy, cluster-api, terraform-provider-aws, s5cmd, kubernetes-replicator, azure-workload-identity-webhook, gcsfuse, step, trillian,...
CVE-2026-33762 vulnerabilities
Vulnerabilities for packages: kyverno, nfpm, trivy, dagger, tfsec, kaniko, kots, kubevela, trivy-operator, wolfictl, osv-scanner, grafana-alloy, gitaly, argocd-image-updater, flux-image-automation-controller, teleport, zot, gitlab-runner, argo-events, guac, cerbos, xeol, gomplate, melange, chezmo...
CVE-2026-27139 vulnerabilities
Vulnerabilities for packages: azure-container-networking, chartmuseum-fips, crossplane-provider-aws-ecr, flux-source-controller, kubernetes-secret-generator, crossplane-provider-aws-sqs-fips, metrics-agent-fips, grpc-health-probe-fips, skopeo, ceph-csi-operator-fips, crossplane-provider-gcp,...
CVE-2025-61727 vulnerabilities
Vulnerabilities for packages: chartmuseum-fips, grpc-health-probe-fips, ceph-csi-operator-fips, knative-operator-fips, whereabouts-fips, wave-fips, amazon-cloudwatch-agent-fips, flux-image-automation-controller-fips, regclient, gatekeeper, redis-operator-fips, mongo-tools-fips,...
CVE-2025-58187 vulnerabilities
Vulnerabilities for packages: kubecolor, supercronic, kaf, prometheus-alertmanager, k8sgpt-operator, ctop, speedtest-go, fscrypt, cluster-api, s5cmd, kubernetes-replicator, azure-workload-identity-webhook, gcsfuse, trillian, k6, mockgen, vt-cli, nri-prometheus, rancher-telemetry, ko, flannel,...
EUVD-2021-18811
Malware in sbrugna...
EUVD-2021-15127
Malware in sbrugna...
MAL-2025-6779 Malicious code in vscode-kubernetes-tools (npm)
The package communicates with a domain associated with malicious activity...
GHSA-GJV4-GHM7-Q58Q MCP Server Kubernetes vulnerable to command injection in several tools
Summary A command injection vulnerability exists in the mcp-server-kubernetes MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.execSync, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to...
GHSA-6F52-WPX2-HVF2 vulnerabilities
Vulnerabilities for packages: azure-container-networking, chartmuseum-fips, skopeo, golangci-lint, grpc-health-probe-fips, knative-operator-fips, aws-eks-pod-identity-agent, whereabouts-fips, newrelic-k8s-metadata-injection, cortex-fips, wave-fips, amazon-cloudwatch-agent-fips,...
CVE-2024-45338 vulnerabilities
Vulnerabilities for packages: kaniko, crossplane-provider-sql, kaf, wal-g, prometheus-alertmanager, k8sgpt-operator, memcached-exporter, terraform-provider-aws, crossplane-provider-aws-memorydb, kubernetes-replicator, crossplane-provider-aws-cloudfront, gcsfuse, step, trillian, k6, nri-prometheus...
Malicious code in k8s-tools (npm)
Source: ghsa-malware 1ccbda1c33a268bb1641ff4dc9ed60a84c28d96d167768dc09e6258fb96d697c. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the Microsoft Visual Studio Code Kubernetes Tools Extension relates to improper code generation management, allowing an attacker to escalate their privileges.
The vulnerability of the Microsoft Visual Studio Code Kubernetes Tools Extension relates to improper code generation management. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2021-31938
Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability...