feiskyer/mcp-kubernetes-server

GitHub

github.com

pypi.org

Releases8

Frequency1 month 1 day

Last Release 8 months ago

Stars17

A Model Context Protocol (MCP) server that enables AI assistants to interact with Kubernetes clusters. It serves as a bridge between AI tools (like Claude, Cursor, and GitHub Copilot) and Kubernetes, translating natural language requests into Kubernetes operations and returning the results in a format the AI tools can understand.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-59376 ↗	Sep 15, 2025Monday, 15 September 2025, 14:15	3.7 LOW	—
feiskyer mcp-kubernetes-server through 0.1.11 does not consider chained commands in the implementation of --disable-write and --disable-delete, e.g., it allows a "kubectl version; kubectl delete pod" command because the first word (i.e., "version") is not a write or delete operation.
CVE-2025-59377 ↗	Sep 15, 2025Monday, 15 September 2025, 14:15	3.7 LOW	—
feiskyer mcp-kubernetes-server through 0.1.11 allows OS command injection, even in read-only mode, via /mcp/kubectl because shell=True is used. NOTE: this is unrelated to mcp-server-kubernetes and CVE-2025-53355.