CNNVD-202509-2175 Information

CNNVD ID

CNNVD-202509-2175

Related CVE

CVE-2025-59376

• CNNVD Published: 2025-09-15

Description (Chinese)

mcp-kubernetes-server是Pengfei Ni个人开发者的一个模型上下文协议服务器。 mcp-kubernetes-server 0.1.11及之前版本存在安全漏洞，该漏洞源于未考虑链式命令，可能导致绕过写操作和删除操作限制。

Description (English)

mcp-kubernetes-server is a model context protocol server for Pengfei Ni personal developers. There is a security loophole in mcp-kubernetes-server 0.1.11 and earlier versions, which stems from the failure to consider chain orders, which may lead to the circumvention of writing and the removal of operational restrictions.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-09-15

Last Modified

2026-02-24

References

https://github.com/feiskyer/mcp-kubernetes-server/blob/78957b6c1a3982080cf6fcaac6f6e9014116a71c/src/mcp_kubernetes_server/main.py#L106-L137 https://github.com/william31212/CVE-Requests-1896609 https://access.redhat.com/security/cve/cve-2025-59376