{"id":"CVE-2025-59377","details":"feiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl, because the command is executed with shell=True. NOTE: this issue is unrelated to the mcp-server-kubernetes project and to CVE-2025-53355.","aliases":["GHSA-4hqq-7q79-932p"],"modified":"2026-03-14T12:45:22.591108Z","published":"2025-09-15T14:15:44.287Z","references":[{"type":"WEB","url":"https://github.com/feiskyer/mcp-kubernetes-server/blob/78957b6c1a3982080cf6fcaac6f6e9014116a71c/src/mcp_kubernetes_server/command.py#L38"},{"type":"ADVISORY","url":"https://github.com/william31212/CVE-Requests-1896609"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/feiskyer/mcp-kubernetes-server","events":[{"introduced":"0"},{"last_affected":"40d66d8b7745d5f704eb4d396cd6544e9ae28b01"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.1.11"}]}}],"versions":["v0.1.10","v0.1.11","v0.1.4","v0.1.6","v0.1.7","v0.1.8","v0.1.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-59377.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}