CVE-2025-66404 | Flux159 mcp-server-kubernetes up to 2.9.7 exec_in_pod command injection (GHSA-wvxp-jp4w-w8wg)

A vulnerability classified as critical was found in Flux159 mcp-server-kubernetes up to 2.9.7. The affected element is an unknown function of the component exec_in_pod. Such manipulation leads to command injection.

This vulnerability is listed as CVE-2025-66404. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More