CVE-2025-59376
The CVE-2025-59376 entry concerns feiskyer’s mcp-kubernetes-server (through v0.1.11). The issue is improper handling of chained commands in the --disable-write/--disable-delete logic: commands like kubectl version; kubectl delete pod may bypass restrictions because only the first token is checked...