mcp-server-kubernetes (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package mcp-server-kubernetes, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2026-46519 — CVSS 8.8 (high): mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.6.0, mcp-server-kubernetes…
CVE-2026-39884 — CVSS 8.3 (high): mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Versions 3.4.0 and prior contain an argument…
CVE-2025-53355 — CVSS 7.5 (high): MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. A command injection vulnerability exists in…
CVE-2025-54073 — CVSS 7.5 (high): mcp-package-docs is an MCP (Model Context Protocol) server that provides LLMs with efficient access to package documentation across…
CVE-2025-66404 — CVSS 6.4 (medium): MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue…
CVE-2026-47250 — CVSS 6.1 (medium): mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectl_generic…