mcp-server-kubernetes

npm3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting mcp-server-kubernetespage 1 of 1

CVE-2025-53355HIGHCVSS 7.5EG 7.5✓ Fixed in 2.5.0
2025-07-08
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. A command injection vulnerability exists in the mcp-server-kubernetes MCP Server. The vulnerability is caused by the unsanitized use of input pa…
CVE-2025-66404MEDIUMCVSS 6.4EG 6.4✓ Fixed in 2.9.8
2025-12-03
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided…
CVE-2026-39884HIGHCVSS 8.3EG 8.3✓ Fixed in 3.5.0
2026-04-15
mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Versions 3.4.0 and prior contain an argument injection vulnerability in the port_forward tool in src/tools/port_forward.ts, where a kubectl command…

Check whether mcp-server-kubernetes is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for mcp-server-kubernetes CVEs against the assets you own.

Start Free Scan →