CVE-2026-39884 | Flux159 mcp-server-kubernetes up to 3.4.x Model Context Protocol port_forward.ts spawn argument injection

A vulnerability classified as critical was found in Flux159 mcp-server-kubernetes up to 3.4.x. This issue affects the function spawn of the file src/tools/port_forward.ts of the component Model Context Protocol. Executing a manipulation can lead to argument injection.

This vulnerability appears as CVE-2026-39884. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More