Privilege Escalation Vulnerability in mcp-server-kubernetes by Flux159
CVE-2026-47250

6.1MEDIUM

Key Information:

Vendor

Flux159

Vendor
CVE Published:
11 June 2026

What is CVE-2026-47250?

The mcp-server-kubernetes is susceptible to an attack allowing privilege escalation due to the improper handling of user-supplied flags by the kubectl_generic tool. Attackers with restricted access, such as pod-deployment permissions, can exploit this weakness by injecting a structured JSON line into application logs. If an operator with elevated permissions utilizes the MCP server to access these logs, the injected instructions may cause kubectl_generic to relay sensitive API requests, including security tokens, to an attacker-controlled server. This poses a serious risk as the attacker can gain unauthorized access to the Kubernetes API server, inheriting the full permissions of the operator’s service account. To mitigate this risk, ensure you update to version 3.7.0 or a later version.

Affected Version(s)

mcp-server-kubernetes < 3.7.0

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.