Vulnerability Details CVE-2025-59377
feiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl because shell=True is used. NOTE: this is unrelated to mcp-server-kubernetes and CVE-2025-53355.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.6%
CVSS Severity
CVSS v3 Score 3.7
References
Products affected by CVE-2025-59377
-
cpe:2.3:a:feisky:mcp-kubernetes-server:0.1.10
-
cpe:2.3:a:feisky:mcp-kubernetes-server:0.1.11
-
cpe:2.3:a:feisky:mcp-kubernetes-server:0.1.4
-
cpe:2.3:a:feisky:mcp-kubernetes-server:0.1.6
-
cpe:2.3:a:feisky:mcp-kubernetes-server:0.1.7
-
cpe:2.3:a:feisky:mcp-kubernetes-server:0.1.8
-
cpe:2.3:a:feisky:mcp-kubernetes-server:0.1.9