PT-2026-57272 · Unknown · Mcp-Server-Kubernetes

George Chen

·

Published

2026-07-10

·

Updated

2026-07-10

·

CVE-2026-61459

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions MCP Server Kubernetes versions prior to 3.9.0
Description An argument injection flaw exists in structured tools, specifically within the kubectl get, kubectl describe, and kubectl delete functions. By providing the resourceType and name parameters with leading dashes, an attacker can bypass the assertNoDangerousFlags security check. This allows the injection of the --server flag to redirect commands to an external API server controlled by the attacker, which can lead to the transmission of the operator's bearer token and full cluster compromise.
Recommendations Update MCP Server Kubernetes to version 3.9.0 or later. As a temporary mitigation, restrict the use of the kubectl get, kubectl describe, and kubectl delete functions.

Exploit

Fix

Argument Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-61459

Affected Products

Mcp-Server-Kubernetes